Dynamic IP collision
I have set up a VPN Client with pfSense 2.1.5 to VPNBook. It works so far. My LAN has the IPv4 network 10.10.0.0/24. After connection I see
Interface "VPN" IP (Virtual Address): 10.10.0.118: Dynamically in my IP Range
Gateway "VPN_GW" IP: 10.10.0.117: One lower
The problem is that this IP changes on every DSL reconnect (daily), seems to be random, and sometimes collides with internally used IPs, like the 10.10.0.9 I had yesterday.
Is it intended that the IPs have to be in my local network?
Should I use another network (e.g. 10.10.8.0/24)? Unfortunately the setting "IPv4 Tunnel Network" is ignored. My other options are:
verb 5;auth-user-pass /etc/vpnbook.pass;persist-key;persist-tun;pull;route-nopull
If your ISP is fond of using those 10.whatever IPs, don't use them in your LAN and VPN.
This is not my primary ISP, it is "only" an OpenVPN tunnel endpoint. I don't think it has to do with the actual network number; it looks like OpenVPN assigns itself an IP in my local network, except that it does so randomly, ignoring e.g. DHCP leases.
You should be assigning it a tunnel that is completely unused in your network.
Example…. In the openvpn tunnel settings:
If your LAN is on 10.5.34.0/24
Put your openvpn tunnel setting as 10.5.35.0/24
This way there is no possibility of a problem on your end at least.
If you have a few clients that are using an ISP that is assigning inconvenient IPs for you in the 10.5.35.0/24 range, then set up a second OpenVPN instance on your pfSense just for them on a different port.
Make that one tunnel on 172.16.59.0/24 or 18.104.22.168/24 or something.
172.16.0.0/12 IP addresses: 172.16.0.0 – 172.31.255.255
192.168.0.0/16 IP addresses: 192.168.0.0 – 192.168.255.255
I have one VPN from openvpnas that has for years been using the 5.5.x.x IP space with no problems but that's not technically good to do.
That is what I tried. I configured
IPv4 Tunnel Network: 10.10.9.0/24
The generated /var/etc/openvpn/client1.conf is
keepalive 10 60
management /var/etc/openvpn/client1.sock unix
remote us1.vpnbook.com 25000
ifconfig 10.10.9.2 10.10.9.1
But the interface looks like this:
ovpnc1: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1500
options=80000<LINKSTATE>
inet6 fe80::290:7fff:fe3e:31a1%ovpnc1 prefixlen 64 scopeid 0xc
inet 10.10.0.118 --> 10.10.0.117 netmask 0xffffffff
nd6 options=3<PERFORMNUD,ACCEPT_RTADV>
Opened by PID 67700
Either this is a bug, or I don't know how to configure it correctly.
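A check for the situation described in this thread, as an added example that is not part of any post: it compares the `ifconfig` directive in the generated client config with the addresses actually on the tunnel interface and flags any that fall inside the LAN. The sample input is constructed from the values quoted above; the function names and the `LAN` constant are hypothetical.

```python
import ipaddress
import re

# Constructed sample input, built from the values quoted in the thread.
CLIENT_CONF = """\
keepalive 10 60
management /var/etc/openvpn/client1.sock unix
remote us1.vpnbook.com 25000
ifconfig 10.10.9.2 10.10.9.1
"""
IFCONFIG_OUT = """\
ovpnc1: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1500
\tinet6 fe80::290:7fff:fe3e:31a1%ovpnc1 prefixlen 64 scopeid 0xc
\tinet 10.10.0.118 --> 10.10.0.117 netmask 0xffffffff
"""
LAN = [ipaddress.ip_network("10.10.0.0/24")]  # the poster's LAN

def _pair(match):
    """Turn a two-group regex match into (local, peer) addresses, or None."""
    return tuple(ipaddress.ip_address(a) for a in match.groups()) if match else None

def configured_endpoints(conf):
    """(local, peer) from the 'ifconfig' directive of an OpenVPN config."""
    return _pair(re.search(r"^\s*ifconfig\s+(\S+)\s+(\S+)", conf, re.M))

def live_endpoints(ifconfig_out):
    """(local, peer) from the point-to-point 'inet' line of ifconfig output."""
    return _pair(re.search(r"^\s*inet\s+(\S+)\s+-->\s+(\S+)", ifconfig_out, re.M))

def audit(conf, ifconfig_out, lan_networks):
    """List mismatches between config and interface, and LAN overlaps."""
    findings = []
    cfg, live = configured_endpoints(conf), live_endpoints(ifconfig_out)
    if cfg and live and cfg != live:
        findings.append(
            f"mismatch: configured {cfg[0]} -> {cfg[1]}, live {live[0]} -> {live[1]}")
    for addr in live or ():
        for net in lan_networks:
            if addr in net:
                findings.append(f"overlap: {addr} is inside {net}")
    return findings

if __name__ == "__main__":
    for line in audit(CLIENT_CONF, IFCONFIG_OUT, LAN):
        print(line)
```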
Probably need a screen shot of your entire openvpn config and also info about the client. What OS is the client?
pfSense is the client, VPNBook is the tunnel ISP.
I think I'm not going to be a lot of help for you.