Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    OpenVPN gets dhcp seemingly fake DHCP clash error message on Windows 10 client

    Scheduled Pinned Locked Moved OpenVPN
    2 Posts 2 Posters 517 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • lifeboyL
      lifeboy
      last edited by

      I'm testing a client's OVPN connection and I'm running into a strange error, for which I cannot find a reason.

      The error:
      ERROR: There is a clash between the --ifconfig local address and the internal DHCP server address -- both are set to 10.0.16.0

      2024-04-23 16:50:37 [Mac-Pack-mobile] Peer Connection Initiated with [AF_INET]197.214.119.130:1197
2024-04-23 16:50:38 open_tun
2024-04-23 16:50:38 tap-windows6 device [OpenVPN TAP-Windows6] opened
2024-04-23 16:50:38 Set TAP-Windows TUN subnet mode network/local/netmask = 10.0.16.0/10.0.16.0/255.255.255.192 [SUCCEEDED]
2024-04-23 16:50:38 ERROR: There is a clash between the --ifconfig local address and the internal DHCP server address -- both are set to 10.0.16.0 -- please use the --ip-win32 dynamic option to choose a different free address from the --ifconfig subnet for the internal DHCP server

      Here is my server config:

      [2.7.2-RELEASE][admin@fw-1A.fast.za.net]/root: cat /var/etc/openvpn/server5/config.ovpn
dev ovpns5
verb 1
dev-type tun
dev-node /dev/tun5
writepid /var/run/openvpn_server5.pid
#user nobody
#group nobody
script-security 3
daemon
keepalive 10 60
ping-timer-rem
persist-tun
persist-key
proto udp4
auth SHA256
up /usr/local/sbin/ovpn-linkup
down /usr/local/sbin/ovpn-linkdown
client-connect /usr/local/sbin/openvpn.attributes.sh
client-disconnect /usr/local/sbin/openvpn.attributes.sh
learn-address "/usr/local/sbin/openvpn.learn-address.sh fast.za.net"
local 197.214.119.130
tls-server
server 10.0.16.0 255.255.255.192
client-config-dir /var/etc/openvpn/server5/csc
username-as-common-name
plugin /usr/local/lib/openvpn/plugins/openvpn-plugin-auth-script.so /usr/local/sbin/ovpn_auth_verify_async user TG9jYWwgRGF0YWJhc2U= false server5 1197
tls-verify "/usr/local/sbin/ovpn_auth_verify tls 'Mac-Pack-mobile' 1"
lport 1197
management /var/etc/openvpn/server5/sock unix
max-clients 2
push "route 192.168.152.8 255.255.255.248"
push "dhcp-option DNS 192.168.152.14"
capath /var/etc/openvpn/server5/ca
cert /var/etc/openvpn/server5/cert
key /var/etc/openvpn/server5/key
dh /etc/dh-parameters.2048
tls-auth /var/etc/openvpn/server5/tls-auth 0
data-ciphers AES-128-GCM:AES-256-GCM:AES-128-CBC
data-ciphers-fallback AES-128-CBC
allow-compression no
persist-remote-ip
float
topology subnet
explicit-exit-notify 1
push "ip-win32 dynamic 0 3600"

      Which DHCP is this refering to? I'm not using DHCP in the server environment at all and the client gets a 192.168.1.0/24 address on the LAN port.

      I have changed the range of this address to number of different networks, but the error persists. (Tried: 10.10.10.0/24, /25, /26, 10.16.0.0/24 and probably some more)

      It doesn't happen in 4 other clients that I tested this with though.

      P 1 Reply Last reply Reply Quote 0
      • P
        pwood999 @lifeboy
        last edited by

        @lifeboy Does the windows client machine have other network adapters such as vmware virtual adapters ?

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.