OPNsense Forum

Archive => 18.7 Legacy Series => Topic started by: GaardenZwerch on August 16, 2018, 03:41:22 pm

Title: [SOLVED] OpenVPN remote network
Post by: GaardenZwerch on August 16, 2018, 03:41:22 pm

Hi,

openvpn clients used to accept x.y.z.t/32 in "IPv4 Remote Network" if there is a single host that needs to go through a tunnel in 18.1,
now (18.7.1) they complain:
"The field 'IPv4 Remote Network' must contain only valid ipv4 CIDR range(s) separated by commas."

I rely on this a lot, for reasons that I have no influence on. Can this be like it was before, so /32 is valid?

Thanks and regards,
Frank

Title: Re: OpenVPN remote network
Post by: franco on August 16, 2018, 03:53:09 pm

Hi Frank,

Can you give an example of such a tunnel network?


Thanks,
Franco

Title: Re: OpenVPN remote network
Post by: GaardenZwerch on August 16, 2018, 03:59:56 pm

Hi Franco,

I need to access 172.27.5.3/32 (just this one host) thru a given opnvpn tunnel. This doesn't work anymore since upgrading to 18.7.1
When I put 172.27.5.0/29 in the field, it works (for now) but it is not really what I want.

Thanks

Frank

Title: Re: OpenVPN remote network
Post by: franco on August 16, 2018, 06:18:54 pm

Hi Frank,

Thanks, lifted the restriction and found what looks like a PHP oddity that evaluates bitwise operators after logic operators...

https://github.com/opnsense/core/commit/4d664bc3

You can install the patch via:

# opnsense-patch 4d664bc3


Cheers,
Franco

Title: Re: OpenVPN remote network
Post by: GaardenZwerch on August 17, 2018, 09:45:44 am

Thanks a lot,
works like a charm.

Title: Re: [SOLVED] OpenVPN remote network
Post by: franco on August 17, 2018, 12:11:36 pm

Ok, thanks, will be shipped in 18.7.2. Sorry for the trouble.