• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

OpenVPN gets dhcp seemingly fake DHCP clash error message on Windows 10 client

Scheduled Pinned Locked Moved OpenVPN
2 Posts 2 Posters 437 Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • L
    lifeboy
    last edited by Apr 23, 2024, 3:07 PM

    I'm testing a client's OVPN connection and I'm running into a strange error, for which I cannot find a reason.

    The error:
    ERROR: There is a clash between the --ifconfig local address and the internal DHCP server address -- both are set to 10.0.16.0

    2024-04-23 16:50:37 [Mac-Pack-mobile] Peer Connection Initiated with [AF_INET]197.214.119.130:1197
2024-04-23 16:50:38 open_tun
2024-04-23 16:50:38 tap-windows6 device [OpenVPN TAP-Windows6] opened
2024-04-23 16:50:38 Set TAP-Windows TUN subnet mode network/local/netmask = 10.0.16.0/10.0.16.0/255.255.255.192 [SUCCEEDED]
2024-04-23 16:50:38 ERROR: There is a clash between the --ifconfig local address and the internal DHCP server address -- both are set to 10.0.16.0 -- please use the --ip-win32 dynamic option to choose a different free address from the --ifconfig subnet for the internal DHCP server

    Here is my server config:

    [2.7.2-RELEASE][admin@fw-1A.fast.za.net]/root: cat /var/etc/openvpn/server5/config.ovpn
dev ovpns5
verb 1
dev-type tun
dev-node /dev/tun5
writepid /var/run/openvpn_server5.pid
#user nobody
#group nobody
script-security 3
daemon
keepalive 10 60
ping-timer-rem
persist-tun
persist-key
proto udp4
auth SHA256
up /usr/local/sbin/ovpn-linkup
down /usr/local/sbin/ovpn-linkdown
client-connect /usr/local/sbin/openvpn.attributes.sh
client-disconnect /usr/local/sbin/openvpn.attributes.sh
learn-address "/usr/local/sbin/openvpn.learn-address.sh fast.za.net"
local 197.214.119.130
tls-server
server 10.0.16.0 255.255.255.192
client-config-dir /var/etc/openvpn/server5/csc
username-as-common-name
plugin /usr/local/lib/openvpn/plugins/openvpn-plugin-auth-script.so /usr/local/sbin/ovpn_auth_verify_async user TG9jYWwgRGF0YWJhc2U= false server5 1197
tls-verify "/usr/local/sbin/ovpn_auth_verify tls 'Mac-Pack-mobile' 1"
lport 1197
management /var/etc/openvpn/server5/sock unix
max-clients 2
push "route 192.168.152.8 255.255.255.248"
push "dhcp-option DNS 192.168.152.14"
capath /var/etc/openvpn/server5/ca
cert /var/etc/openvpn/server5/cert
key /var/etc/openvpn/server5/key
dh /etc/dh-parameters.2048
tls-auth /var/etc/openvpn/server5/tls-auth 0
data-ciphers AES-128-GCM:AES-256-GCM:AES-128-CBC
data-ciphers-fallback AES-128-CBC
allow-compression no
persist-remote-ip
float
topology subnet
explicit-exit-notify 1
push "ip-win32 dynamic 0 3600"

    Which DHCP is this refering to? I'm not using DHCP in the server environment at all and the client gets a 192.168.1.0/24 address on the LAN port.

    I have changed the range of this address to number of different networks, but the error persists. (Tried: 10.10.10.0/24, /25, /26, 10.16.0.0/24 and probably some more)

    It doesn't happen in 4 other clients that I tested this with though.

    P 1 Reply Last reply Apr 25, 2024, 11:36 AM Reply Quote 0
    • P
      pwood999 @lifeboy
      last edited by Apr 25, 2024, 11:36 AM

      @lifeboy Does the windows client machine have other network adapters such as vmware virtual adapters ?

      1 Reply Last reply Reply Quote 0
      2 out of 2
      • First post
        2/2
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
        This community forum collects and processes your personal information.
        consent.not_received