OpenVPN assigning incorrect subnet mask



  • Hi,

    I know this has been discussed before.. specifically this thread:  http://forum.pfsense.org/index.php/topic,15827.0.html

    I couldn't find a way to reply to that topic and I couldn't see where it was locked, so I just started a new thread.

    I am getting the same behavior where I'm getting IP address 172.16.10.6 and subnet mask 172.16.10.5.

    GruensFroeschli indicated that this is correct and that it's a /30… but a /30 would NOT give an IP for a subnet mask value.. a /30 should be 255.255.255.252 with .5 and .6 being the usable IPs and .4 and .7 being the network and broadcast respectively

    Not sure how to fix this.  My road warrior client is connecting but unable to route anywhere.

    Any help would be appreciated.

    Thanks
    -Rich



  • Please post the assigned network settings on the client (shown by ipconfig/all on Windows or ifconfig on Linux/BSD).



  • @Cry:

    Please post the assigned network settings on the client (shown by ipconfig/all on Windows or ifconfig on Linux/BSD).

    Windows IP Configuration

    Host Name . . . . . . . . . . . . : tech1
            Primary Dns Suffix  . . . . . . . :
            Node Type . . . . . . . . . . . . : Unknown
            IP Routing Enabled. . . . . . . . : No
            WINS Proxy Enabled. . . . . . . . : No

    Ethernet adapter OpenVPN Adapter:

    Connection-specific DNS Suffix  . : zt.local
            Description . . . . . . . . . . . : TAP-Win32 Adapter V8
            Physical Address. . . . . . . . . : 00-FF-4F-C0-19-ED
            Dhcp Enabled. . . . . . . . . . . : Yes
            Autoconfiguration Enabled . . . . : Yes
            IP Address. . . . . . . . . . . . : 172.16.10.6
            Subnet Mask . . . . . . . . . . . : 172.16.10.5
            Default Gateway . . . . . . . . . :
            DHCP Server . . . . . . . . . . . : 172.16.10.4
            Lease Obtained. . . . . . . . . . : Tuesday, February 22, 2011 6:08:58 PM
            Lease Expires . . . . . . . . . . : Wednesday, February 22, 2012 6:08:58 PM

    Here is my ovpn config file:

    client
    float
    port 1194
    dev tap
    proto tcp-client
    remote x.x.x.x 1194
    ping 10
    persist-key
    persist-tun
    tls-client
    ca pfsense.crt
    cert testclient.crt
    key testclient.key
    ns-cert-type server
    #auth-user-pass
    #comp-lzo
    pull
    verb 4

    Thanks
    -Rich



  • Can you also post a screenshot of your OpenVPN server settings?



  • @Cry:

    Can you also post a screenshot of your OpenVPN server settings?

    I have included the top and bottom portions of the screen as the certificates must be correct since the connection is being established.





  • Rebel Alliance Developer Netgate

    Client should have dev tun, not dev tap.



  • @jimp:

    Client should have dev tun, not dev tap.

    It's always the simple things - that did it!  Thanks!

    -Rich


Log in to reply