Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Problem creating client-override config

    OpenVPN
    1
    1
    1732
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      cgr last edited by

      I'm running pfSense 2.0-RELEASE  (i386) as the client and server for an OpenVPN tunnel in a site-to-site PKI configuration.  The tunnel network is defined to be 192.168.254.0/24.  When the OpenVPN interface ovpns1 starts up, it gets this configuration:

      ovpns1: flags=8051 <up,pointopoint,running,multicast>metric 0 mtu 1500
      options=80000 <linkstate>inet6 fe80::230:48ff:fe72:8f20%ovpns1 prefixlen 64 scopeid 0x8
      inet 192.168.254.1 –> 192.168.254.2 netmask 0xffffffff
      nd6 options=3 <performnud,accept_rtadv>Opened by PID 23359

      When I create the client-override configuration, the client-override file in /var/etc/openvpn-csc/ gets created.  The "ifconfig-push" line in that file reads:

      ifconfig-push 192.168.254.1 192.168.254.2

      and the ovpnc1 interface on the client comes up with the same configuration as the ovpns1 interface on the server and the tunnel does not get created.  However if I edit the client-override file so the the "ifconfig-push" line reads:

      ifconfig-push 192.168.254.2 192.168.254.1

      then the tunnel comes up and things work properly (modulo getting the firewall rules correct).

      The same behavior happens with 2.0-RC3  (i386).

      Is this the expected behavior?  If not, what are the correct values to enter in the client-override setup tab?  (screenshot of tab attached).

      Thanks in advance for you help,
      Carl

      </performnud,accept_rtadv></linkstate></up,pointopoint,running,multicast>

      1 Reply Last reply Reply Quote 0
      • First post
        Last post

      Products

      • Platform Overview
      • TNSR
      • pfSense
      • Appliances

      Services

      • Training
      • Professional Services

      Support

      • Subscription Plans
      • Contact Support
      • Product Lifecycle
      • Documentation

      News

      • Media Coverage
      • Press
      • Events

      Resources

      • Blog
      • FAQ
      • Find a Partner
      • Resource Library
      • Security Information

      Company

      • About Us
      • Careers
      • Partners
      • Contact Us
      • Legal
      Our Mission

      We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

      Subscribe to our Newsletter

      Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

      © 2021 Rubicon Communications, LLC | Privacy Policy