Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Open VPN IP Restrictions

    OpenVPN
    3
    4
    2459
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      mnsmani last edited by

      I tried configuring Open VPN with the following settings

      Case 1 (Entries in openvpn_server0.conf and WebGUI)
      Settings : Server 192.168.20.0 255.255.255.0  (In GUI - Address Pool - 192.168.20.0/24)
                    push "route 192.168.1.0 255.255.255.0 (In GUI - Local Network - 192.168.1.0/24)
      Result :    Client is assigned with IP = 192.168.20.6 / 255.255.255.252 / G/w is null 
                    Pinging is Possible / Shared Folder is viewed

      Case 2 (Entries in openvpn_server0.conf and WebGUI)
      Settings : Server 192.168.1.0 255.255.255.240  (In GUI - Address Pool - 192.168.1.0/28)
                    push "route 192.168.1.0 255.255.255.0 (In GUI - Local Network - 192.168.1.0/24)
      Result    : Client is assigned with IP = 192.168.1.6 / 255.255.255.252 / G/W is null / DHCP Server - 192.168.1.5
                    We have not specified anywhere the DHCP Server.
                    The Device Lan IP is 192.168.1.99, which is getting pinged from the client machine
                    The machine behind v5 (192.168.1.102) is not getting pinged / being able to browse.

      Case 3 : (Entries in openvpn_server0.conf and WebGUI)
      Settings : Server 192.168.1.99 255.255.255.240  (In GUI - Address Pool - 192.168.1.99/28) or
                    Server 192.168.10.99 255.255.255.240  (In GUI - Address Pool - 192.168.10.99/28)
                    push "route 192.168.1.99 255.255.255.0 (In GUI - Local Network - 192.168.1.99/24)
      Result    : Client is not even recoganized.

      My Questions are

      1. Is it necessary that the 4th part of both Server and Push IP should be ZERO ?
      2. Whether the Server and Push IP cannot be with in the same entries in the First 3 portion of the IP.. (Case 3)

      Any clues on what blunder am I doing ?

      1 Reply Last reply Reply Quote 0
      • H
        Hotel last edited by

        on scenario 2 and 3 your need to change your address pool to something a little more exotic.

        Maybe 192.168.200.0/24 and 10.8.0.0/24

        Everything worked for me in my lab so give it a shot

        1 Reply Last reply Reply Quote 0
        • M
          mnsmani last edited by

          Still you are mentioning 0 as last portion of IP….. which I do not want.....

          I need something like 192.168.1.99/29 ......

          1 Reply Last reply Reply Quote 0
          • J
            jeroen234 last edited by

            you must enter a network .99/29 is not a networkadress but a ipadress

            .96/29 is the one you are looking for (.96 networkadress .97 till .102 ipadresses .103 broadcastadress)

            1 Reply Last reply Reply Quote 0
            • First post
              Last post