2.0 OpenVPN warnings?

  • Hello all,

    Just finishing up getting my copy of OpenVPN working on my new 2.0RC1 build.

    A couple of questions:

    As all the documentation said I set the local IP subnet to my LAN's subnet but when I do I get:
    Wed Apr 13 02:39:06 2011 WARNING: potential route subnet conflict between local LAN [] and remote VPN [], I can set my VPN server to be at but then I can't access my internal servers and devices.

    Also I am getting:
    Wed Apr 13 10:51:34 2011 WARNING: Make sure you understand the semantics of --tls-remote before using it (see the man page).
    Wed Apr 13 10:51:34 2011 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables

    Anything to worry about?

    Also, my final configuration came out as:

    dev tun
    proto udp
    cipher AES-256-CBC
    resolv-retry infinite
    remote 1194
    ca server-CA.crt
    pkcs12 user-udp-1194.p12
    tls-auth user-udp-1194-tls.key 1
    tls-remote www.stuff.com
    verb 3
    ping 10

    Can any of you gurus tell me if I missed anything?
    Did I accidentally add any security holes?


  • Your tunnel network subnet needs to be different from the LAN subnet.

  • My Tunnel subnet is different from the LAN subnet.

    I get the warning when I set local subnet in my OpenVPN server configurations to what my local LAN address is, which I understand is the correct setting.

  • Rebel Alliance Developer Netgate

    It looks like you also set the remote network to be

    Are both the local and remote network really If the subnets really overlap, that won't work without a lot of extra NAT and various trickery.

  • Weird, on the server it is set up as, so it shouldn't overlap.

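Added example, not part of the original thread and not pfSense or OpenVPN code: a Python check for the overlap conditions the replies describe (tunnel network vs. the LAN route pushed by the server, and the client's own LAN vs. that pushed route, which is what the "potential route subnet conflict" warning reports). The sample config, all addresses and the function names are constructed for illustration.

```python
import ipaddress

# Constructed sample server config; addresses are illustrative, not from the thread.
SAMPLE_SERVER_CONF = """
dev tun
proto udp
server 10.8.0.0 255.255.255.0           # tunnel network
push "route 192.168.1.0 255.255.255.0"  # LAN behind the server
tls-auth server-tls.key 0
"""

def parse_server_conf(text):
    """Return (tunnel_net, pushed_routes) from 'server' and 'push "route ..."' lines."""
    tunnel, pushed = None, []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()          # drop trailing comments
        is_push = line.startswith("push ")
        parts = line.replace('"', " ").split()
        if is_push:
            parts = parts[1:]                         # skip the 'push' keyword
        if len(parts) < 3 or parts[0] not in ("server", "route"):
            continue
        net = ipaddress.ip_network(f"{parts[1]}/{parts[2]}", strict=False)
        if parts[0] == "server" and not is_push:
            tunnel = net
        elif parts[0] == "route" and is_push:
            pushed.append(net)
    return tunnel, pushed

def find_conflicts(server_conf, client_lans):
    """List (kind, net_a, net_b) for every pair of networks that overlap."""
    tunnel, pushed = parse_server_conf(server_conf)
    lans = [ipaddress.ip_network(n, strict=False) for n in client_lans]
    issues = []
    for route in pushed:
        if tunnel is not None and tunnel.overlaps(route):
            issues.append(("tunnel-vs-route", str(tunnel), str(route)))
        for lan in lans:
            if lan.overlaps(route):
                issues.append(("client-lan-vs-route", str(lan), str(route)))
    for lan in lans:
        if tunnel is not None and lan.overlaps(tunnel):
            issues.append(("client-lan-vs-tunnel", str(lan), str(tunnel)))
    return issues

if __name__ == "__main__":
    # A client sitting on the same /24 as the server's LAN triggers the conflict.
    for issue in find_conflicts(SAMPLE_SERVER_CONF, ["192.168.1.0/24"]):
        print(issue)
```
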