Skip to content

Instantly share code, notes, and snippets.

@mikaeldui

mikaeldui/Proton VPN IPv6 Manual Setup.md

Last active May 17, 2025 22:28
Show Gist options
  • Save mikaeldui/12127c91ccece42ea375c9f42d94aa8a to your computer and use it in GitHub Desktop.
Save mikaeldui/12127c91ccece42ea375c9f42d94aa8a to your computer and use it in GitHub Desktop.
Download ZIP
Proton VPN IPv6 Manual Setup
Raw
Proton VPN IPv6 Manual Setup.md

Proton VPN IPv6 Manual Setup

Over 80% of the servers support IPv6 but only the Linux app and the browser extension support it at the moment.

The Linux app supports IPv6 over the VPN but still connects to the VPN server using IPv4.

It's possible to make changes to the WireGuard configs that you can get from https://account.protonvpn.com/downloads to enable IPv6.

An easy way to test if a server supports IPv6 is to use the browser extension and then go to myip.wtf or test-ipv6.com.

Original .conf

Here's an example of a WireGuard profile I got for CH#600:

[Interface]
# Key for Reddit Test Config 2025-01-05
# Bouncing = 2
# NetShield = 1
# Moderate NAT = on
# NAT-PMP (Port Forwarding) = on
# VPN Accelerator = on
PrivateKey = *redacted*
Address = 10.2.0.2/32
DNS = 10.2.0.1

[Peer]
# CH#600
PublicKey = Ii6hAbnu84wZ8NzVt5+ylO4FnX+ANrKNzpFOSYq9dks=
Endpoint = 79.127.184.216:51820

# For Windows
AllowedIPs = 0.0.0.0/1, 128.0.0.0/1

# For Linux, Android, routers, etc.
AllowedIPs = 0.0.0.0/0

IPv6 over VPN (Change Address and AllowedIPs)

I'll now make some changes to Address, DNS and AllowedIPs to enable IPv6 over VPN.

Note: 2a07:b944::2:2/128 and 2a07:b944::2:1 are the same for all servers, it's not specific to CH#600.

[Interface]
# Key for Reddit Test Config 2025-01-05
# Bouncing = 2
# NetShield = 1
# Moderate NAT = on
# NAT-PMP (Port Forwarding) = on
# VPN Accelerator = on
PrivateKey = *redacted*
Address = 10.2.0.2/32, 2a07:b944::2:2/128
DNS = 10.2.0.1, 2a07:b944::2:1

[Peer]
# CH#600
PublicKey = Ii6hAbnu84wZ8NzVt5+ylO4FnX+ANrKNzpFOSYq9dks=
Endpoint = 79.127.184.216:51820

# For Windows
AllowedIPs = 0.0.0.0/1, 128.0.0.0/1, ::/1, 8000::/1

# For Linux, Android, routers, etc.
AllowedIPs = 0.0.0.0/0, ::/0

Add dual stack to the VPN server (Change Endpoint)

If your ISP supports IPv6 then you can enable IPv6 connectivity to the VPN server, and to do that we need to look up the node's domain at https://api.protonmail.ch/vpn/logicals https://mikaeldui.github.io/proton-vpn-server-list/. For CH#600 the domain is node-ch-31.protonvpn.net. This can be used as the Endpoint to enable automatic switching between IPv4 and IPv6, useful on a phone or laptop using hotspots without IPv6.

[Interface]
# Key for Reddit Test Config 2025-01-05
# Bouncing = 2
# NetShield = 1
# Moderate NAT = on
# NAT-PMP (Port Forwarding) = on
# VPN Accelerator = on
PrivateKey = *redacted*
Address = 10.2.0.2/32, 2a07:b944::2:2/128
DNS = 10.2.0.1, 2a07:b944::2:1

[Peer]
# CH#600
PublicKey = Ii6hAbnu84wZ8NzVt5+ylO4FnX+ANrKNzpFOSYq9dks=
Endpoint = node-ch-31.protonvpn.net:51820

# For Windows
AllowedIPs = 0.0.0.0/1, 128.0.0.0/1, ::/1, 8000::/1

# For Linux, Android, routers, etc.
AllowedIPs = 0.0.0.0/0, ::/0

Or IPv6 only to the VPN Server (Change Endpoint)

Or, you can look up its IPv6 address (in the AAAA record) and force connections to the VPN over IPv6 like this:

You can also find IPv6 addresses for the nodes at https://mikaeldui.github.io/proton-vpn-server-list/.

[Interface]
# Key for Reddit Test Config 2025-01-05
# Bouncing = 2
# NetShield = 1
# Moderate NAT = on
# NAT-PMP (Port Forwarding) = on
# VPN Accelerator = on
PrivateKey = *redacted*
Address = 10.2.0.2/32, 2a07:b944::2:2/128
DNS = 10.2.0.1, 2a07:b944::2:1

[Peer]
# CH#600
PublicKey = Ii6hAbnu84wZ8NzVt5+ylO4FnX+ANrKNzpFOSYq9dks=
Endpoint = [2a02:6ea0:d411:5432::10]:51820

# For Windows
AllowedIPs = 0.0.0.0/1, 128.0.0.0/1, ::/1, 8000::/1

# For Linux, Android, routers, etc.
AllowedIPs = 0.0.0.0/0, ::/0

Put this conf in any WireGuard app and enjoy your fully IPv6 enabled VPN!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment