Messages

1

Virtual private networks / Re: another OpenVPN Clients Static IP Post

« on: November 05, 2023, 05:52:47 pm »

Hey Bart,

appreciate the response.
In that case, I would also need the setting "Enforce local group" in the server config, right?
Else a user could simply switch the port and bypass my rules.

Best regards,
Ex

2

Virtual private networks / another OpenVPN Clients Static IP Post

« on: November 04, 2023, 09:29:18 pm »

Hey guys,

yes, yes I know ... I read all the posts about making it possible for OpenVPN clients to have a static IP so you can filter them in the firewall, but none of the solutions listed work in my environment.
So I decided to open another post with my setup to check if I am missing something obvious, bear with me please.

Config:
- OpnSense with Public WAN IP Address
- OpenVPN Server on non-default port
- can connect to OpenVPN Server without issue and get assigned a IP-address from the setting "IPv4 Tunnel Network"
- relevant settings (I believe):
IPv4 Tunnel Network: 10.0.0.0/24
Dynamic IP: NOT checked
Topology: NOT checked
Use common name: checked
- currently no Client Specific Overrides, but tried with them too

What I tried:
I tried Client Specific Overrides with IPv4 Tunnel Network set to 10.0.0.100/32 and 10.0.0.100/24, neither worked and I still got assigned my old IP address on my client.
I tried configuring a client (do I need this?) with IPv4 Tunnel Network set to 10.0.0.100/32 and 10.0.0.100/24, neither worked and I still got assigned my old IP address on my client.
Also tried both of the above with Topology checked in the server configuration.

Any pointers what I have to configure to get this going?
Any help is greatly appreciated.

Best regards,
Ex