Forums

Subscribe via email Subscribe via email
Subscribe via rss
Guest
or Ask a Question
Add a reply View Replies (3) →
Carlos Eduardo Pacheco
Carlos Eduardo Pacheco
Offline
Issue

VPN PPTP Static IP for clients

Resolved
0 votes
Hi

I need to assign a static ip for PPTP VPN Clients.

I already tried use /etc/ppp/chap-secrets, but it didn't work because PPTP use ldap and not chap-secrets.

Someone can help ?
In PPTP Server
Monday, July 18 2016, 12:16 AM
Subscribe via email
Share this post:

Accepted Answer

Nick Howitt
Nick Howitt
Offline
Monday, July 18 2016, 12:30 PM - #Permalink
Resolved
0 votes
I can't remember the location of the file. Something like /var/lib/openvpn/ipp.txt. Have a look in /etc/clearos/clients.conf. It has one line pointing to the file. Normally OpenVPN builds this file by itself as new clients connect and it uses this to try to give the same IP to the same client. From memory it uses the username from the certificate and an IP. The IP's increment by 4 every time. If you want to guarantee fixed IP's (mine don't seem to move) you can set the immutable bit on the file (chattr +I filename) so the system can't update it. There is no harm doing that. I believe it is the recommended way. You'd need to remove the immutable bit every time you wanted to edit the file to add a new host.
The reply is currently minimized Show
Responses (3)

  • Accepted Answer

    Nick Howitt
    Nick Howitt
    Offline
    Tuesday, July 19 2016, 07:54 PM - #Permalink
    Resolved
    0 votes
    Hi Carlos,
    I had a sudden thought and there is a better way to handle IP persistence in /var/lib/openvpn/ipp.txt. In /etc/openvpn/clients.conf, change the number at the end of the ifconfig-pool-persist line (120) to 0. OpenVPN should then treat the file as read-only. See the man pages here.
    The reply is currently minimized Show

  • Accepted Answer

    Carlos Eduardo Pacheco
    Carlos Eduardo Pacheco
    Offline
    Monday, July 18 2016, 12:13 PM - #Permalink
    Resolved
    0 votes
    Thank's Nick

    Could you help how can I configure static Ip's on OpenVpn in ClearOs ?

    No problem about use shell interface.:)
    The reply is currently minimized Show

  • Accepted Answer

    Nick Howitt
    Nick Howitt
    Offline
    Monday, July 18 2016, 11:46 AM - #Permalink
    Resolved
    0 votes
    I think the question was asked a few years ago and there was no answer then.

    Can I make my usual point? These days even Micro$oft, who created the protocol, no longer recommend you use it as its security is easily broken. OpenVPN is a more secure solution and you can assign static IP's. If you require auto-login on start up (so no user/pass authentication, relying on certificates only), this is also easy to set up although not through the ClearOS webconfig.
    Like
    1
    The reply is currently minimized Show
Your Reply