Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    After assigning static ip to client via "Client Specific Overrides" cant ping openvpn server

    Scheduled Pinned Locked Moved OpenVPN
    3 Posts 2 Posters 1.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      CoyoteKG
      last edited by

      Hello,

      I finally set OpenVPN server and everything works fine.
      Now I'm planning to connect few server in the same LAN, and trying to find how to assign static IP addresses to clients.

      Tested with my notebook, I added via "Client Specific Overrides" in additional settings
      ifconfig-push 10.9.9.3 255.255.255.0

      Restarted openvpn service, and successfully connected vi my notebook, and got that address.
      Problem is that I have no access anymore to pfsense interface which is on 10.9.9.1. I can't ping 10.9.9.1

      If I disable that Override, I'm getting address 10.9.9.2 and everything works. Can ping 10.9.9.1 and connect to pfsense web interface.

      I compare routes on my local PC, and ipconfig settings in both cases, and everything is the same.

      This is Firewall setup. Everything is default

      0_1533142927082_a1b7cc08-7660-46b4-a1e2-dda8401f7460-image.png

      0_1533142950896_053637f5-8191-4bcb-870d-496e8eb9ecb6-image.png

      0_1533142971801_c99b2e15-7fb4-4de7-9aff-57cdbc995622-image.png

      This is from routes.
      0_1533144649720_3849dacb-c250-4deb-8307-8e46e52a093d-image.png

      Can you direct me what is different between manually assigned static IP to client, and automatically added by OpenVPN server.

      1 Reply Last reply Reply Quote 0
      • DerelictD
        Derelict LAYER 8 Netgate
        last edited by

        Use something other than 10.9.9.0/24 as your tunnel address. That is conflicting with 10.9.9.0/24 on hn1.

        Chattanooga, Tennessee, USA
        A comprehensive network diagram is worth 10,000 words and 15 conference calls.
        DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
        Do Not Chat For Help! NO_WAN_EGRESS(TM)

        1 Reply Last reply Reply Quote 1
        • C
          CoyoteKG
          last edited by

          I tried already before and it works.
          That is correct solution

          Thank you,

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.