Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Fixed IP for some users work , but other client also get this ip's

    OpenVPN
    1
    3
    3.8k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      MaxHeadroom
      last edited by

      Hi,

      i have a troubles with openvpn;

      1.) i don't want the vpn dhcp running –>not possible i get always an ip
      2.) i want to give some users a fixed ip -->working with client override ->advance option->ifconfig-push 10.0.8.6 10.0.8.5;
      3.) Fixed ip's should never given to others --> don' work the other client got these ip.

      Maybe someone has a hint for me how to fix this behavor.

      regards max

      Version 2.0.3-RELEASE (i386)
      built on Fri Apr 12 10:22:21 EDT 2013
      FreeBSD 8.1-RELEASE-p13

      You are on the latest version.

      1 Reply Last reply Reply Quote 0
      • M
        MaxHeadroom
        last edited by

        Ok i found out why openvpn has this behavor in openvpn manual
        –server network netmask
            A helper directive designed to simplify the configuration of OpenVPN's server mode. This directive will set up an OpenVPN server which will allocate addresses to clients out of the given network/netmask. The server itself will take the ".1" address of the given network for use as the server-side endpoint of the local TUN/TAP interface.

        For example, --server 10.8.0.0 255.255.255.0 expands as follows:

        mode server
                tls-server

        if dev tun:
                  ifconfig 10.8.0.1 10.8.0.2
                  ifconfig-pool 10.8.0.4 10.8.0.251
                  route 10.8.0.0 255.255.255.0
                  if client-to-client:
                    push "route 10.8.0.0 255.255.255.0"
                  else
                    push "route 10.8.0.1"

        if dev tap:
                  ifconfig 10.8.0.1 255.255.255.0
                  ifconfig-pool 10.8.0.2 10.8.0.254 255.255.255.0
                  push "route-gateway 10.8.0.1"

        Don't use --server if you are ethernet bridging. Use --server-bridge instead.

        The option Address Pool in WebGui make  no sense with this option.

        I altered the config file to
        mode server
        ifconfig-pool-persist /var/etc/openvpn/ipp.txt 0
        ifconfig-pool 10.0.8.6 10.0.8.10

        but it will destroyed after reboot.
        A option in the gui would be nice to remove the server option so custom option can be set.
        Also a persist file (ipp.txt??) should be generated from the client spec. override if there is a option ifconfig-push IPClient IPServer

        regards

        1 Reply Last reply Reply Quote 0
        • M
          MaxHeadroom
          last edited by

          I did a little mod on the /var/etc/openvpn/server1.conf

          and the config is changed like i wish but  it is not finished (diffrent between tun/tap)  but maybe someone can do this job better than i.

          in my config it add's now (no: server 192.168.4.0 255.255.255.0 any more:-)

          mode server
          ifconfig 192.168.4.1 192.168.4.2
          route 192.168.4.0 255.255.255.0
          ifconfig-pool 192.168.4.4 192.168.4.251
          push "route 192.168.4.1"

          openvpn.inc.txt

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.