Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Static IP addresses for OpenVPN clients

    Scheduled Pinned Locked Moved OpenVPN
    4 Posts 4 Posters 6.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B Offline
      bmcgonag
      last edited by

      Ok, so I'm trying to do this as well.  I am trying to change the client specific override for a Windows machine, and I'm not following exactly what to do.

      In Common Name field I have my user's certificate CN entered.

      In the Advanced field I have tried:

      ifconfig-push 192.158.2.7 192.168.2.0;  Where 192.168.2.7 is the desired IP, and 192.168.2.0 is the tunnel network for my OpenVPN.

      Also tried
      ifconfig-push 192.168.2.7 192.168.2.1; incase the .1 was the server address or something odd.

      ifconfig-push 192.168.2.7/30 192.168.2.0/24;  no luck

      192.168.2.4/30; according to what the article above said (in advanced space).

      So, if someone can tell me what values go where, I would appreciate it.  Each time I try and reconnect, I get 192.168.2.2 as my client IP no matter what I do.

      Thanks,

      1 Reply Last reply Reply Quote 0
      • jimpJ Offline
        jimp Rebel Alliance Developer Netgate
        last edited by

        I split your post off from the other topic, it's not really related and that was a very old thread.

        Don't use ifconfig-push, just fill in the Tunnel Network on the override page and let the firewall work out the details.

        If you are using tun in net30 mode, enter 192.158.2.4/30 (.7 isn't valid in that case) – this translates to "ifconfig-push 192.158.2.6 192.158.2.5";

        If you are using tun in topology subnet mode or tap, enter 192.158.2.7/24 -- this translates to "ifconfig-push 192.158.2.7 255.255.255.0";

        In the latter case the second parameter is a subnet mask, not a network address like you were attempting to use.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • PippinP Offline
          Pippin
          last edited by

          @jimp:

          If you are using tun in topology subnet mode or tap, enter 192.158.2.7/24 – this translates to "ifconfig-push 192.158.2.7 255.255.255.0";

          Golden  ;D

          Thanks.

          I gloomily came to the ironic conclusion that if you take a highly intelligent person and give them the best possible, elite education, then you will most likely wind up with an academic who is completely impervious to reality.
          Halton Arp

          1 Reply Last reply Reply Quote 0
          • F Offline
            failure
            last edited by

            HINT: Don't forget to reload / restart your OpenVPN server, after chancing CCD / User specific config.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.