SoftEther VPN server on virtual machine. Can't ping host machine

Post by alexek » Thu Aug 24, 2023 11:32 am

Hello everybody!

My setup is the following: I have a PC (Win10) that is connected to a corporate VPN. This VPN excludes split tunnel on IPv4 and bypasses all traffic on IPv6. Therefore, my only option to connect to this PC during a VPN session is IPv6.

To connect to this PC, I run a virtual machine on it (Win10). This virtual machine (VMware) runs a SoftEther VPN server. This SoftEther VPN server has a local bridge configuration with the VMNet1 (an IPv6 LAN between host PC and virtual machine) VMware Network Adapter. So far so good.

Now, I'm using Android VPN Client Pro in OpenVPN connection type with TapEmulator. I'm connecting successfully and see a local session of OPENVPN_L2 type. The IPv6 of my host machine appears in the IP address table under the LOCALBRIDGE session type. The IPv6 of my Android device, connected to the SoftEther VPN server, appears there also, under the OPENVPN_L2 session. To my understanding, I should now be able to ping the IPv6 of my host machine from my Android device. Well, I can't... But! I can ping the IPv6 of my Android device (assigned to my Android by the SoftEther VPN server) from my host machine!

When the SoftEther local bridge is disabled and the SoftEther VPN server is off, I can freely ping my host machine from my virtual machine via the VMNet1 LAN. So I don't think it is something related to a firewall or other blocking stuff on my host machine.

I made sure that promiscuous mode is enabled in my VM config file by including ethernet0.noPromisc = "FALSE" in my vmx file.

Would be glad for any advice!

Thanks!

Re: SoftEther VPN server on virtual machine. Can't ping host machine

Post by alexek » Thu Aug 31, 2023 2:47 pm

I was able to solve the issue. It was related to the VPN server not forwarding the IPv6 route to the VPN client. As a result, all IPv6 traffic from my Android went over my LAN and not the VPN. So, in analogy to IPv4, I manually assigned my host machine a unique local address fd00::<host_machine_id>, and added a route to the VPN client ::/0->fd00::<host_machine_id>. Then all began to work!

What confused me was the link-local addresses. All my IPv6-supporting interfaces had only those. I drew an analogy between them and the local IPv4 addresses (e.g. 192.168.X.X), which is wrong (the link-local analog in IPv4 is 169.254.X.X).

My only issue left is that link-local traffic is not routed to the VPN on my Android. I think this is due to the VPN client emulating the TAP device over TUN: there is no separate virtual network interface created on my Android, and as a result link-local traffic goes only to the single interface wlan0. On the contrary, when I use a VPN client on a Windows PC, I have a dedicated virtual network interface when connected to the VPN server, and link-local traffic from it does reach the VPN.
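The routing behaviour described in the post above, as an added example that is not part of the original thread: a simplified longest-prefix route lookup showing which destinations leave through the tunnel and which bypass it. The interface names (wlan0, tun0), metrics and sample addresses are constructed assumptions, and the model is not Android's actual policy routing.

```python
import ipaddress

# Constructed routing tables for the client: (prefix, interface, metric).
ROUTES_BEFORE = [
    ("fe80::/10", "wlan0", 100),  # on-link link-local route, Wi-Fi only
    ("::/0", "wlan0", 100),       # default route learned from the LAN
]
# After the fix: a default route through the tunnel is pushed to the client.
ROUTES_AFTER = ROUTES_BEFORE + [("::/0", "tun0", 0)]

HOST_ULA = "fd00::10"    # constructed stand-in for fd00::<host_machine_id>
HOST_LL = "fe80::1234"   # constructed link-local address of the host


def classify(addr):
    """Name the IPv6 scope that decides whether an address can be routed."""
    ip = ipaddress.IPv6Address(addr)
    if ip.is_link_local:
        return "link-local"      # fe80::/10, valid on one link only
    if ip in ipaddress.IPv6Network("fc00::/7"):
        return "unique-local"    # routable inside the site, like RFC 1918
    return "other"


def egress(dest, routes):
    """Pick the interface by longest prefix, then lowest metric."""
    ip = ipaddress.IPv6Address(dest)
    matches = []
    for prefix, iface, metric in routes:
        net = ipaddress.IPv6Network(prefix)
        if ip in net:
            matches.append((net.prefixlen, -metric, iface))
    return max(matches)[2] if matches else None


def bypasses_tunnel(dests, routes, tunnel="tun0"):
    """Return destinations whose traffic would not enter the VPN."""
    return [d for d in dests if egress(d, routes) != tunnel]


if __name__ == "__main__":
    for label, table in (("before", ROUTES_BEFORE), ("after", ROUTES_AFTER)):
        for dest in (HOST_ULA, HOST_LL):
            print(label, dest, classify(dest), "->", egress(dest, table))
```

The same check works as a leak test: any destination returned by bypasses_tunnel is traffic that leaves on the local network instead of the VPN.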
