Client override

voxel

I'm trying to get different subnets for my vpn users based on their CN.

Example,
Regular users: 10.50.0.1/24
Admin users: 10.50.1.1/24

I've fiddled a little with client overrides and regular users work as expected but admins get correct tunnel ip but nothing else works.

Currently I've only set the common name and "IPv4 Tunnel Network" setting in the client override profile.

I get below warning message in the logs (Windows 10 2.5.7),

route gateway is not reachable on any active network adapters: 10.50.0.1

Is client override a viable method for achieving this or should i setup two different servers instead?

viragomann

@voxel
Basically yes, you can achieve this with CSO.
However, since you obviously only need two user groups with multiple users in each, I'd prefer to set up two separated OpenVPN servers.

Regular users: 10.50.0.1/24
Admin users: 10.50.1.1/24

route gateway is not reachable on any active network adapters: 10.50.0.1

I suspect your servers tunnel network is 10.50.0.1/24 and the server uses subnet topology.
If so you must state a single IP in each CSO, which has to be within the tunnel subnet.

voxel

@viragomann
Thank you!

Went with two servers and now everything is working as expected.