1 |
On 02/25/2010 02:32 AM, Joseph wrote: |
2 |
> I've configured OpenVPN and it works OK but I can not seems to figure it |
3 |
> out how to assign static IP to clients |
4 |
> |
5 |
> My server.conf port 8458 |
6 |
> proto udp |
7 |
> dev tun |
8 |
> mode server |
9 |
> ca /usr/share/openvpn/easy-rsa/keys/ca.crt |
10 |
> cert /usr/share/openvpn/easy-rsa/keys/server.crt |
11 |
> key /usr/share/openvpn/easy-rsa/keys/server.key |
12 |
> dh /usr/share/openvpn/easy-rsa/keys/dh1024.pem |
13 |
> server 192.168.139.0 255.255.255.0 |
14 |
> client-to-client |
15 |
> ifconfig-pool-persist ipp.txt |
16 |
> client-config-dir ccd |
17 |
> keepalive 10 120 |
18 |
> tls-auth vpn_my.key 0 |
19 |
> tun-mtu 1500 |
20 |
> tun-mtu-extra 32 |
21 |
> mssfix 1200 |
22 |
> duplicate-cn |
23 |
> comp-lzo |
24 |
> max-clients 100 |
25 |
> persist-key |
26 |
> persist-tun |
27 |
> status openvpn-status.log |
28 |
> log /var/log/openvpn.log |
29 |
> log-append /var/log/openvpn.log |
30 |
> verb 3 |
31 |
> |
32 |
> On client in /etc/openvpn/ccd directory I've created a file "syscon9" with: |
33 |
> ifconfig-push 192.168.139.15 192.168.139.1 |
34 |
|
35 |
Hmmm... 192.168.139.1 does not seem a remote netmask, isn't it ? |
36 |
man openvpn tell me the following for ifconfig-push: |
37 |
--ifconfig-push local remote-netmask |
38 |
|
39 |
so, put ifconfig-push 192.168.139.15 255.255.255.0 rather than the line |
40 |
above in the ccd directory. |
41 |
|
42 |
If it doesn't work, then please post the openvpn.log of the client. |
43 |
|
44 |
> This file suppose to have a name from client "CN" |
45 |
> |
46 |
> client.conf |
47 |
> client |
48 |
> dev tun |
49 |
> proto udp |
50 |
> remote 68.148.245.78 8458 |
51 |
> resolv-retry infinite |
52 |
> nobind |
53 |
> tun-mtu 1500 |
54 |
> tun-mtu-extra 32 |
55 |
> mssfix 1200 |
56 |
> persist-key |
57 |
> persist-tun |
58 |
> remote-cert-tls server |
59 |
> ca "/etc/openvpn/client/ca.crt" |
60 |
> cert "/etc/openvpn/client/syscon9.crt" |
61 |
> key "/etc/openvpn/client/syscon9.key" |
62 |
> tls-auth "/etc/openvpn/client/vpn.key" 1 |
63 |
> comp-lzo |
64 |
> log /var/log/openvpn.log |
65 |
> log-append /var/log/openvpn.log |
66 |
> verb 3 |
67 |
|
68 |
-- |
69 |
Xavier Parizet |
70 |
YaGB : http://gentooist.com |
71 |
GPG : C7DC B10E FC21 63BE |
72 |
B453 D239 F6E6 DF65 1569 91BF |