Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Violates tunnel network/netmask constraint

    Scheduled Pinned Locked Moved OpenVPN
    2 Posts 1 Posters 2.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      jiunnyik
      last edited by

      Hi,

      My working OpenVPN stops working after I upgraded to 2.3-1

      In OpenVPN log, there are errors of

      
user.cert.name/1.2.3.4:56162 MULTI ERROR: primary virtual IP for user.cert.name/1.2.3.4:56162 (10.38.21.8) violates tunnel network/netmask constraint (10.8.2.0/255.255.255.0)

      This is solved by remove the tunnel network settings for user.cert.name at Client Specific Overrides session.

      So in pfsense2.3, how do I specific client's IP address?

      Thank you.

      1 Reply Last reply Reply Quote 0
      • J
        jiunnyik
        last edited by

        Ok.

        I understand this is due to OpenVPN topology change in new release.

        Now my next question is how do I specific IP for client with "Subnet – One IP address per client in a common subnet" ?

        I tried to specific client IP in the same subnet by enter "10.8.1.200/32" into tunnel network settings for user.cert.name, and I can see vpn established but traffic unable to pass through.

        Also with the new topology, can I specific client's IP in other subnet?

        Thank you.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.