Share this post:
Accepted AnswerNick HowittOfflineThere is no need to declare a net30 topology as it is the default. In this case your ccd file should have something like this in it:
It should not have a netmask.
ifconfig-push 10.8.0.14 10.8.0.13
Also you are going to hit problems if you use the same subnet for you fixed IP's and your dynamic IP's. I suggest you move your fixed IP's to something like 10.8.4.x and in your clients.conf add a line:
route 10.8.4.0 255.255.255.0
Accepted AnswerHi Nick.
I have an error, I managed to configure it but the following error appears on the client:
Thre is a problem in your selection of --ifconfig endpoints [local=10.8.0.14, remote=255.255.255.252]. The local and remote VPN endpoints must exist within the same 255.255.255.252 subnet. This is a limitation of --dev tun when used with the TAP-WIN32 driver. Try 'openvpn --show-valid-subnets' option for more info.
I declarate in "topology net30" in /etc/oopenvpn/clients.conf but it keeps giving me the error
# Tip - if you are using this as a template for configuring other VPNs:
# - the ifconfig-pool-persist file must be unique
# - the port/protocol combination must be unique
# - the status file must be unique
# - different server IPs are recommended
# - don't forget about the firewall
server 10.8.0.0 255.255.255.0
keepalive 10 120
push "compress stub-v2"
ifconfig-pool-persist /var/lib/openvpn/ipp.txt 120
plugin /usr/lib64/openvpn/plugins/openvpn-plugin-auth-pam.so openvpn
push "dhcp-option DNS 192.168.0.11"
push "dhcp-option DOMAIN pruebas.local"
push "route 192.168.0.0 255.255.255.0"
push "dhcp-option WINS 192.168.0.11"
push "redirect-gateway def1 bypass-dhcp"
Accepted AnswerNick HowittOfflineYou can't change the IP range for OpenVPN in the webconfig, but you can do it by editing /etc/openvpn/clients.conf then restarting OpenVPN. Make sure it does not clash with any other IP range you use.
For static IP's, please see this feature request and its linked document. I use static IP's so can help.