Gentoo Archives: gentoo-user

From: Xavier Parizet <xav@×××××××××.com>
To: gentoo-user@l.g.o
Subject: Re: [gentoo-user] openvpn static ip
Date: Thu, 25 Feb 2010 08:09:31
Message-Id: 4B86298B.50601@gentooist.com
In Reply to: [gentoo-user] openvpn static ip by Joseph
1 On 02/25/2010 02:32 AM, Joseph wrote:
2 > I've configured OpenVPN and it works OK but I can not seems to figure it
3 > out how to assign static IP to clients
4 >
5 > My server.conf port 8458
6 > proto udp
7 > dev tun
8 > mode server
9 > ca /usr/share/openvpn/easy-rsa/keys/ca.crt
10 > cert /usr/share/openvpn/easy-rsa/keys/server.crt
11 > key /usr/share/openvpn/easy-rsa/keys/server.key
12 > dh /usr/share/openvpn/easy-rsa/keys/dh1024.pem
13 > server 192.168.139.0 255.255.255.0
14 > client-to-client
15 > ifconfig-pool-persist ipp.txt
16 > client-config-dir ccd
17 > keepalive 10 120
18 > tls-auth vpn_my.key 0
19 > tun-mtu 1500
20 > tun-mtu-extra 32
21 > mssfix 1200
22 > duplicate-cn
23 > comp-lzo
24 > max-clients 100
25 > persist-key
26 > persist-tun
27 > status openvpn-status.log
28 > log /var/log/openvpn.log
29 > log-append /var/log/openvpn.log
30 > verb 3
31 >
32 > On client in /etc/openvpn/ccd directory I've created a file "syscon9" with:
33 > ifconfig-push 192.168.139.15 192.168.139.1
34
35 Hmmm... 192.168.139.1 does not seem a remote netmask, isn't it ?
36 man openvpn tell me the following for ifconfig-push:
37 --ifconfig-push local remote-netmask
38
39 so, put ifconfig-push 192.168.139.15 255.255.255.0 rather than the line
40 above in the ccd directory.
41
42 If it doesn't work, then please post the openvpn.log of the client.
43
44 > This file suppose to have a name from client "CN"
45 >
46 > client.conf
47 > client
48 > dev tun
49 > proto udp
50 > remote 68.148.245.78 8458
51 > resolv-retry infinite
52 > nobind
53 > tun-mtu 1500
54 > tun-mtu-extra 32
55 > mssfix 1200
56 > persist-key
57 > persist-tun
58 > remote-cert-tls server
59 > ca "/etc/openvpn/client/ca.crt"
60 > cert "/etc/openvpn/client/syscon9.crt"
61 > key "/etc/openvpn/client/syscon9.key"
62 > tls-auth "/etc/openvpn/client/vpn.key" 1
63 > comp-lzo
64 > log /var/log/openvpn.log
65 > log-append /var/log/openvpn.log
66 > verb 3
67
68 --
69 Xavier Parizet
70 YaGB : http://gentooist.com
71 GPG : C7DC B10E FC21 63BE
72 B453 D239 F6E6 DF65 1569 91BF

Attachments

File name MIME type
signature.asc application/pgp-signature

Replies

Subject Author
Re: [gentoo-user] openvpn static ip Joseph <syscon780@×××××.com>