Violates tunnel network/netmask constraint

  • Hi,

    My working OpenVPN stops working after I upgraded to 2.3-1

    In OpenVPN log, there are errors of
 MULTI ERROR: primary virtual IP for ( violates tunnel network/netmask constraint ( 

    This is solved by remove the tunnel network settings for at Client Specific Overrides session.

    So in pfsense2.3, how do I specific client's IP address?

    Thank you.

  • Ok.

    I understand this is due to OpenVPN topology change in new release.

    Now my next question is how do I specific IP for client with "Subnet – One IP address per client in a common subnet" ?

    I tried to specific client IP in the same subnet by enter "" into tunnel network settings for, and I can see vpn established but traffic unable to pass through.

    Also with the new topology, can I specific client's IP in other subnet?

    Thank you.