Client-specific configuration, static IP

jorgenlaukholm.com

I have a pfSense box with approximate 50 VPN users, and have set up static IP for some users using the "Client-specific configuration -> Interface IP". The clients gets the defined IPs and everything is working as expected.

The question is related to all the other VPN clients:
When a "Client-specific configuration" is set up to specify a static IP for one client, is it possible that another client may get the same static IP, or is it reserved? I wonder if it's sufficient to just define the clients I want with a static IPs, or if I have to set up static IPs for all clients to avoid IP conflicts?

Best regards
Jørgen

jimp

A few simple tests could confirm this behavior, but I'm not sure offhand.

I haven't tried this myself, but you could require having a CSC entry, and use the directive

ccd-exclusive;

In the custom options to enforce the requirement that a client exists on the CSC tab before they can connect.

The OpenVPN man page doesn't really clarify whether or not the ifconfig-push directives for the CSC entries are taken into account during general pool assignment.