<![CDATA[Client Specific Overrides]]>Hello,

To give different access to the network with the OpenVPN server for users , I create each time a "Client Specific Overrides" with a "tunnel network" more specific.

Exemple:

OpenVPN Serveur tunnel network : 192.168.100.0/24
User1 : 192.168.156.64/26
User2 : 192.168.156.128/26

And I create specific rules for each prefix / 26 in the firewall

But since I have update my pfSense, all the more specific prefixes than /25 do not work. The problem is that I can not do a lot of /25 in a /24 . Why /26 or /27 is not long working? Can not connect with OpenVPN Client

thanks

]]>https://forum.netgate.com/topic/104763/client-specific-overridesRSS for NodeMon, 13 Apr 2026 14:40:50 GMTMon, 29 Aug 2016 21:30:12 GMT60<![CDATA[Reply to Client Specific Overrides on Mon, 29 Aug 2016 22:39:10 GMT]]>@johnpoz:

why would you not just give the user specific IP in your tunnel

Even better! But how we specify a specific IP for a user in tunnel ? Same configuration (Client Specific Overrides) with a CIDR / 32 ?

]]>https://forum.netgate.com/post/646707https://forum.netgate.com/post/646707Mon, 29 Aug 2016 22:39:10 GMT<![CDATA[Reply to Client Specific Overrides on Mon, 29 Aug 2016 22:05:42 GMT]]>If your using client overrides why would you not just give the user specific IP in your tunnel and then make your rules based upon their IP directly why would they need a /26?  Are you wanting vpn users to be able to talk to each other while they are all connected to the vpn directly?

If you want to use the /cidr in your firewall rules that fine to give a group of users access to something, etc.  A few rev back they did change the default behavior of the topology and net30, etc..

https://redmine.pfsense.org/issues/5526

If you were using net30 you can change it back to that..

]]>https://forum.netgate.com/post/646704https://forum.netgate.com/post/646704Mon, 29 Aug 2016 22:05:42 GMT