Fixed IP for some users work , but other client also get this ip's



  • Hi,

    i have a troubles with openvpn;

    1.) i don't want the vpn dhcp running –>not possible i get always an ip
    2.) i want to give some users a fixed ip -->working with client override ->advance option->ifconfig-push 10.0.8.6 10.0.8.5;
    3.) Fixed ip's should never given to others --> don' work the other client got these ip.

    Maybe someone has a hint for me how to fix this behavor.

    regards max


    Version 2.0.3-RELEASE (i386)
    built on Fri Apr 12 10:22:21 EDT 2013
    FreeBSD 8.1-RELEASE-p13

    You are on the latest version.



  • Ok i found out why openvpn has this behavor in openvpn manual
    –server network netmask
        A helper directive designed to simplify the configuration of OpenVPN's server mode. This directive will set up an OpenVPN server which will allocate addresses to clients out of the given network/netmask. The server itself will take the ".1" address of the given network for use as the server-side endpoint of the local TUN/TAP interface.

    For example, --server 10.8.0.0 255.255.255.0 expands as follows:

    mode server
            tls-server

    if dev tun:
              ifconfig 10.8.0.1 10.8.0.2
              ifconfig-pool 10.8.0.4 10.8.0.251
              route 10.8.0.0 255.255.255.0
              if client-to-client:
                push "route 10.8.0.0 255.255.255.0"
              else
                push "route 10.8.0.1"

    if dev tap:
              ifconfig 10.8.0.1 255.255.255.0
              ifconfig-pool 10.8.0.2 10.8.0.254 255.255.255.0
              push "route-gateway 10.8.0.1"

    Don't use --server if you are ethernet bridging. Use --server-bridge instead.

    The option Address Pool in WebGui make  no sense with this option.

    I altered the config file to
    mode server
    ifconfig-pool-persist /var/etc/openvpn/ipp.txt 0
    ifconfig-pool 10.0.8.6 10.0.8.10

    but it will destroyed after reboot.
    A option in the gui would be nice to remove the server option so custom option can be set.
    Also a persist file (ipp.txt??) should be generated from the client spec. override if there is a option ifconfig-push IPClient IPServer

    regards



  • I did a little mod on the /var/etc/openvpn/server1.conf

    and the config is changed like i wish but  it is not finished (diffrent between tun/tap)  but maybe someone can do this job better than i.

    in my config it add's now (no: server 192.168.4.0 255.255.255.0 any more:-)

    mode server
    ifconfig 192.168.4.1 192.168.4.2
    route 192.168.4.0 255.255.255.0
    ifconfig-pool 192.168.4.4 192.168.4.251
    push "route 192.168.4.1"

    openvpn.inc.txt


Log in to reply