"Quote from: viragomann on November 01, 2024, 12:03:03 PM
Did you set the topology in the server settings accordingly?
thank you, this did the trick
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages1
#1
24.7, 24.10 Legacy Series / Re: OpenVPN, push specific GW IP
November 01, 2024, 01:26:58 PMthank you, this did the trick
#2
24.7, 24.10 Legacy Series / Re: OpenVPN, push specific GW IP
November 01, 2024, 12:21:05 PM
I see, there shoud be topology NET30 instead of subnet, then by theory it should work as I need by putting /30 subnet into user override.
Will try this later, thank you for pointing it out
Will try this later, thank you for pointing it out
#3
24.7, 24.10 Legacy Series / Re: OpenVPN, push specific GW IP
November 01, 2024, 11:48:32 AMQuote from: viragomann on November 01, 2024, 11:16:58 AMQuote from: Richard.F on November 01, 2024, 08:18:17 AM
but when I set client speciffic override to address 10.11.220.129/30 client gets 10.11.220.1 as GW because VPN instance subnet is 10.11.220.0/22
The tunnel in the client specific override should be the subnet address. So you should enter 10.11.220.128/30 there.
this sounds logicall, tried it, if I put NET address there (like 10.11.220.128/30) client gets address 10.11.220.128
it looks like this doesnt work as intended
#4
24.7, 24.10 Legacy Series / OpenVPN, push specific GW IP
November 01, 2024, 08:18:17 AM
Hello,
I have a question, if someone is willing to point me to right place in configuration :)
I use OpenVPN, several instances.
One instance is for clients with "special" needs
Lets say that instance use subnet 10.11.220.0/22
But i need all clients to be in separated subnets
- for example one client shoud use one subnet from 10.11.220.0/22 and that subnet would be 10.11.220.128/30
I have found I can push client specific override to make this client take address 10.11.220.130 from 10.11.220.128/30 and I want that client to take 10.11.220.129 as a gateway
but when I set client speciffic override to address 10.11.220.129/30 client gets 10.11.220.1 as GW because VPN instance subnet is 10.11.220.0/22
is there some option Im missing? Is it actualy possible for OPNSense to achieve this ?
thank you
I have a question, if someone is willing to point me to right place in configuration :)
I use OpenVPN, several instances.
One instance is for clients with "special" needs
Lets say that instance use subnet 10.11.220.0/22
But i need all clients to be in separated subnets
- for example one client shoud use one subnet from 10.11.220.0/22 and that subnet would be 10.11.220.128/30
I have found I can push client specific override to make this client take address 10.11.220.130 from 10.11.220.128/30 and I want that client to take 10.11.220.129 as a gateway
but when I set client speciffic override to address 10.11.220.129/30 client gets 10.11.220.1 as GW because VPN instance subnet is 10.11.220.0/22
is there some option Im missing? Is it actualy possible for OPNSense to achieve this ?
thank you
#6
24.7, 24.10 Legacy Series / Re: New certs not linked to users
August 01, 2024, 11:41:47 AM
Thank you, patch applied, it seems like part of the problem is fixed
second part is not.
certificate in System: Trust: Certificates is still marked as NOT IN USE
second part is not.
certificate in System: Trust: Certificates is still marked as NOT IN USE
#7
24.7, 24.10 Legacy Series / New certs not linked to users
August 01, 2024, 08:22:31 AM
Hello,
in relation to my previous post https://forum.opnsense.org/index.php?topic=41760.0
when I try to add new certificate to user (another certificate) in System: Access: Users Im forwarded to System: Trust: Certificates where I can create new certificate
Once I do, new certificate is visible under user account in System: Access: Users but is marked as NOT IN USE in System: Trust: Certificates and is NOT linked to user in VPN: OpenVPN: Client Export
in relation to my previous post https://forum.opnsense.org/index.php?topic=41760.0
when I try to add new certificate to user (another certificate) in System: Access: Users Im forwarded to System: Trust: Certificates where I can create new certificate
Once I do, new certificate is visible under user account in System: Access: Users but is marked as NOT IN USE in System: Trust: Certificates and is NOT linked to user in VPN: OpenVPN: Client Export
#8
24.7, 24.10 Legacy Series / Re: Certificates missing in System: Access: Users
July 26, 2024, 04:30:35 PM
Yes, this was it, changed common name on all certificates, and now I can see them within user accounts
thaks a lot
thaks a lot
#9
24.7, 24.10 Legacy Series / [SOLVED] Certificates missing in System: Access: Users
July 26, 2024, 03:42:04 PM
Hello
In 24.7_5 (upgraded from 24.1) all users have only one certificate visible in System: Access: Users (the one that was initialy created with user).
Other certificates, that was linked later, are not there, but I can see them in System: Trust: Certificates and all have "In use" attribute checked (and also works)
In 24.7_5 (upgraded from 24.1) all users have only one certificate visible in System: Access: Users (the one that was initialy created with user).
Other certificates, that was linked later, are not there, but I can see them in System: Trust: Certificates and all have "In use" attribute checked (and also works)
Pages1
