Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
OpenVPN GUI faulty guidance
« previous
next »
Print
Pages: [
1
]
Author
Topic: OpenVPN GUI faulty guidance (Read 2080 times)
ikkeT
Jr. Member
Posts: 58
Karma: 1
OpenVPN GUI faulty guidance
«
on:
July 11, 2020, 06:22:57 pm »
Hi,
I was going through GUI for options to set static IP for roadwarrior client. There is a fault in GUI guidance. The field in client config: IPv4 " VPN: OpenVPN: Client Specific Overrides: Tunnel Settings: Tunnel Network" states:
"This is the IPv4 virtual network used for private communications between this client and the server expressed using CIDR (eg. 10.0.8.0/24). The first network address is assumed to be the server address and the second network address will be assigned to the client virtual interface."
Sounds a lot like description for the variable that I'd need. However if I put there: "192.168.118.1 192.168.118.2" in order to get the server to use .1 and client .2 from the tunnel network, I get the error:
"The following input errors were detected:
The field 'IPv4 Tunnel Network' must contain a single valid ipv4 CIDR range."
So clearly the instruction in the GUI is wrong. I assume it would rather set the virtual client network CIDR, and the GUI is actually missing the "ifconfig-push" option that I'd need.
I would've created an issue about that, but I couldn't find the repo for this plugin.
I'd have a wish that this GUI misguidance was fixed, and the ifconfig-push option was added.
Logged
ikkeT
Jr. Member
Posts: 58
Karma: 1
Re: OpenVPN GUI faulty guidance
«
Reply #1 on:
July 11, 2020, 06:40:40 pm »
This is confusing to me. This site:
https://openvpn.net/community-resources/how-to/
shows format of:
"iifconfig-push 10.8.1.1 10.8.1.2"
Where as the man page in opnsense says:
" --ifconfig-push local remote-netmask [alias]
Push virtual IP endpoints for client tunnel, overriding the
--ifconfig-pool dynamic allocation.
"
So the other one uses IP IP, and the other one IP ROUTE. Must be some version issue.... I try with what the man page says.
Logged
ikkeT
Jr. Member
Posts: 58
Karma: 1
Re: OpenVPN GUI faulty guidance
«
Reply #2 on:
July 11, 2020, 06:54:50 pm »
seems that ifconfig-push works kinda, but the dynamic pool will give duplicate ip addresses if the ifconfig push is set to give address from that pool. So OpenVPN isn't smart enough to avoid fixed ips given to clients while giving out the pool ips.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
OpenVPN GUI faulty guidance