Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Client override

    Scheduled Pinned Locked Moved OpenVPN
    3 Posts 2 Posters 624 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • V
      voxel
      last edited by

      I'm trying to get different subnets for my vpn users based on their CN.

      Example,
      Regular users: 10.50.0.1/24
      Admin users: 10.50.1.1/24

      I've fiddled a little with client overrides and regular users work as expected but admins get correct tunnel ip but nothing else works.

      Currently I've only set the common name and "IPv4 Tunnel Network" setting in the client override profile.

      I get below warning message in the logs (Windows 10 2.5.7),

      route gateway is not reachable on any active network adapters: 10.50.0.1
      

      Is client override a viable method for achieving this or should i setup two different servers instead?

      V 1 Reply Last reply Reply Quote 0
      • V
        viragomann @voxel
        last edited by

        @voxel
        Basically yes, you can achieve this with CSO.
        However, since you obviously only need two user groups with multiple users in each, I'd prefer to set up two separated OpenVPN servers.

        Regular users: 10.50.0.1/24
        Admin users: 10.50.1.1/24

        route gateway is not reachable on any active network adapters: 10.50.0.1
        

        I suspect your servers tunnel network is 10.50.0.1/24 and the server uses subnet topology.
        If so you must state a single IP in each CSO, which has to be within the tunnel subnet.

        V 1 Reply Last reply Reply Quote 1
        • V
          voxel @viragomann
          last edited by

          @viragomann
          Thank you!

          Went with two servers and now everything is working as expected.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.