OpenVPN, push specific GW IP

[Richard.F]

Hello,

I have a question, if someone is willing to point me to right place in configuration :)

I use OpenVPN, several instances.
One instance is for clients with "special" needs

Lets say that instance use subnet 10.11.220.0/22
But i need all clients to be in separated subnets
- for example one client shoud use one subnet from 10.11.220.0/22 and that subnet would be 10.11.220.128/30

I have found I can push client specific override to make this client take address 10.11.220.130 from 10.11.220.128/30 and I want that client to take 10.11.220.129 as a gateway

but when I set client speciffic override to address 10.11.220.129/30 client gets 10.11.220.1 as GW because VPN instance subnet is 10.11.220.0/22


is there some option Im missing? Is it actualy possible for OPNSense to achieve this ?

thank you

[bimbar]

NM, didn't notice the OpenVPN part.

[viragomann]

but when I set client speciffic override to address 10.11.220.129/30 client gets 10.11.220.1 as GW because VPN instance subnet is 10.11.220.0/22

The tunnel in the client specific override should be the subnet address. So you should enter 10.11.220.128/30 there.

[Richard.F]

but when I set client speciffic override to address 10.11.220.129/30 client gets 10.11.220.1 as GW because VPN instance subnet is 10.11.220.0/22

The tunnel in the client specific override should be the subnet address. So you should enter 10.11.220.128/30 there.

this sounds logicall, tried it, if I put NET address there (like 10.11.220.128/30) client gets address 10.11.220.128

it looks like this doesnt work as intended

[viragomann]

Did you set the topology in the server settings accordingly?

[Richard.F]

I see, there shoud be topology NET30 instead of subnet, then by theory it should work as I need by putting /30 subnet into user override.

Will try this later, thank you for pointing it out

[Richard.F]

Did you set the topology in the server settings accordingly?

thank you, this did the trick