OPNsense Forum

Archive => 18.1 Legacy Series => Topic started by: fabio on May 06, 2018, 11:18:22 am

Title: OpenVPN - Adressing pool
Post by: fabio on May 06, 2018, 11:18:22 am: Hi,

Mildly related to https://forum.opnsense.org/index.php?topic=7830 topic

To be absolutely sure to not have overlap from my static address assignemt and the dynamic ones I would like to limit this pool to a subnet;

According to the https://community.openvpn.net/openvpn/wiki/Concepts-Addressing#Examplesforsubnettopology documentation page instead to use the "server" directive
Code: [Select]
server 10.8.0.0 255.255.255.0
Are needed "ifconfig", "ifconfig-pool", "mode server" and push a couple of configurations to the client

This is a test for "topology subnet"

Code: [Select]
mode server ifconfig 10.8.0.1 255.255.255.0 ifconfig-pool 10.8.0.4 10.8.0.199 255.255.255.0 push "route-gateway 10.8.0.1" push "topology subnet"

Unfortunately in the current web page the mandatory field "IPv4 Tunnel Network" set "server" that is incompatible with this implementation
so for my prove of concept it I've manually changed the " /var/etc/openvpn/server1.conf" conf file and manually restarted the service.

From my current limited test I do not see problems and OpenVPN assign only addresses in the ifconfig-pool range

Maybe in one of the next release you may consider to implement also this feature

SMF 2.0.19 | SMF © 2021, Simple Machines
Privacy Policy