Forums

Resolved
0 votes
Hi everyone

I want to ask how to assign static ip's for each client in openvpn. In webconfig I don't see how to change the ip range for openvpn

thanks before
In OpenVPN
Wednesday, May 26 2021, 07:06 AM
Share this post:
Responses (4)
  • Accepted Answer

    Thursday, June 03 2021, 10:25 AM - #Permalink
    Resolved
    0 votes
    There is no need to declare a net30 topology as it is the default. In this case your ccd file should have something like this in it:
    ifconfig-push 10.8.0.14 10.8.0.13
    It should not have a netmask.

    Also you are going to hit problems if you use the same subnet for you fixed IP's and your dynamic IP's. I suggest you move your fixed IP's to something like 10.8.4.x and in your clients.conf add a line:
    route 10.8.4.0 255.255.255.0
    The reply is currently minimized Show
  • Accepted Answer

    Thursday, June 03 2021, 09:40 AM - #Permalink
    Resolved
    0 votes
    Hi Nick.
    I have an error, I managed to configure it but the following error appears on the client:

    Thre is a problem in your selection of --ifconfig endpoints [local=10.8.0.14, remote=255.255.255.252]. The local and remote VPN endpoints must exist within the same 255.255.255.252 subnet. This is a limitation of --dev tun when used with the TAP-WIN32 driver. Try 'openvpn --show-valid-subnets' option for more info.

    I declarate in "topology net30" in /etc/oopenvpn/clients.conf but it keeps giving me the error




    # Tip - if you are using this as a template for configuring other VPNs:
    # - the ifconfig-pool-persist file must be unique
    # - the port/protocol combination must be unique
    # - the status file must be unique
    # - different server IPs are recommended
    # - don't forget about the firewall
    port 1194
    proto udp
    dev tun
    topology net30

    ca /etc/pki/CA/ca-cert.pem
    cert /etc/pki/CA/sys-0-cert.pem
    key /etc/pki/CA/private/sys-0-key.pem
    dh /etc/openvpn/ssl/dh1024.pem
    server 10.8.0.0 255.255.255.0
    client-config-dir ccd
    keepalive 10 120
    compress stub-v2
    push "compress stub-v2"
    user nobody
    group nobody
    multihome
    persist-key
    persist-tun
    ifconfig-pool-persist /var/lib/openvpn/ipp.txt 120
    status /var/lib/openvpn/openvpn-status.log
    plugin /usr/lib64/openvpn/plugins/openvpn-plugin-auth-pam.so openvpn
    verb 3
    log-append /var/log/openvpn
    push "dhcp-option DNS 192.168.0.11"
    push "dhcp-option DOMAIN pruebas.local"
    push "route 192.168.0.0 255.255.255.0"
    push "dhcp-option WINS 192.168.0.11"
    client-to-client
    push "redirect-gateway def1 bypass-dhcp"
    The reply is currently minimized Show
  • Accepted Answer

    Wednesday, May 26 2021, 09:02 AM - #Permalink
    Resolved
    0 votes
    ok, thank you very much i will take a look
    The reply is currently minimized Show
  • Accepted Answer

    Wednesday, May 26 2021, 07:38 AM - #Permalink
    Resolved
    0 votes
    You can't change the IP range for OpenVPN in the webconfig, but you can do it by editing /etc/openvpn/clients.conf then restarting OpenVPN. Make sure it does not clash with any other IP range you use.

    For static IP's, please see this feature request and its linked document. I use static IP's so can help.
    The reply is currently minimized Show
Your Reply