Problem creating client-override config



  • I'm running pfSense 2.0-RELEASE  (i386) as the client and server for an OpenVPN tunnel in a site-to-site PKI configuration.  The tunnel network is defined to be 192.168.254.0/24.  When the OpenVPN interface ovpns1 starts up, it gets this configuration:

    ovpns1: flags=8051 <up,pointopoint,running,multicast>metric 0 mtu 1500
    options=80000 <linkstate>inet6 fe80::230:48ff:fe72:8f20%ovpns1 prefixlen 64 scopeid 0x8
    inet 192.168.254.1 –> 192.168.254.2 netmask 0xffffffff
    nd6 options=3 <performnud,accept_rtadv>Opened by PID 23359

    When I create the client-override configuration, the client-override file in /var/etc/openvpn-csc/ gets created.  The "ifconfig-push" line in that file reads:

    ifconfig-push 192.168.254.1 192.168.254.2

    and the ovpnc1 interface on the client comes up with the same configuration as the ovpns1 interface on the server and the tunnel does not get created.  However if I edit the client-override file so the the "ifconfig-push" line reads:

    ifconfig-push 192.168.254.2 192.168.254.1

    then the tunnel comes up and things work properly (modulo getting the firewall rules correct).

    The same behavior happens with 2.0-RC3  (i386).

    Is this the expected behavior?  If not, what are the correct values to enter in the client-override setup tab?  (screenshot of tab attached).

    Thanks in advance for you help,
    Carl

    </performnud,accept_rtadv></linkstate></up,pointopoint,running,multicast>


Log in to reply