On 02/25/2010 02:32 AM, Joseph wrote: > I've configured OpenVPN and it works OK but I can not seems to figure it > out how to assign static IP to clients > > My server.conf port 8458 > proto udp > dev tun > mode server > ca /usr/share/openvpn/easy-rsa/keys/ca.crt > cert /usr/share/openvpn/easy-rsa/keys/server.crt > key /usr/share/openvpn/easy-rsa/keys/server.key > dh /usr/share/openvpn/easy-rsa/keys/dh1024.pem > server 192.168.139.0 255.255.255.0 > client-to-client > ifconfig-pool-persist ipp.txt > client-config-dir ccd > keepalive 10 120 > tls-auth vpn_my.key 0 > tun-mtu 1500 > tun-mtu-extra 32 > mssfix 1200 > duplicate-cn > comp-lzo > max-clients 100 > persist-key > persist-tun > status openvpn-status.log > log /var/log/openvpn.log > log-append /var/log/openvpn.log > verb 3 > > On client in /etc/openvpn/ccd directory I've created a file "syscon9" with: > ifconfig-push 192.168.139.15 192.168.139.1
Hmmm... 192.168.139.1 does not seem a remote netmask, isn't it ?
man openvpn tell me the following for ifconfig-push:
--ifconfig-push local remote-netmask
so, put ifconfig-push 192.168.139.15 255.255.255.0 rather than the line
above in the ccd directory.
If it doesn't work, then please post the openvpn.log of the client.
> This file suppose to have a name from client "CN"
>
> client.conf
> client
> dev tun
> proto udp
> remote 68.148.245.78 8458
> resolv-retry infinite
> nobind
> tun-mtu 1500
> tun-mtu-extra 32
> mssfix 1200
> persist-key
> persist-tun
> remote-cert-tls server
> ca "/etc/openvpn/client/ca.crt"
> cert "/etc/openvpn/client/syscon9.crt"
> key "/etc/openvpn/client/syscon9.key"
> tls-auth "/etc/openvpn/client/vpn.key" 1
> comp-lzo
> log /var/log/openvpn.log
> log-append /var/log/openvpn.log
> verb 3
--
Xavier Parizet
YaGB : http://gentooist.com
GPG : C7DC B10E FC21 63BE
B453 D239 F6E6 DF65 1569 91BF
signature.asc
Description: OpenPGP digital signature
