It is currently 29.04.2017 03:29


All times are UTC




Post new topic Reply to topic  [ 3 posts ] 
Author Message
 Post subject: Client IP address allocation IPCop
PostPosted: 03.09.2009 22:00 
DES
DES

Joined: 14.04.2009 17:39
Posts: 7
Hi

Is the IP address on the OpenVPN subnet allocated to each client always the same?

If not is there any suggested way to force this for a particular client?

Thanks very much for your help.

Walt :D


Top
Offline Profile  
Reply with quote  
 Post subject: Re: Client IP address allocation IPCop
PostPosted: 04.09.2009 06:42 
Profi
Profi

Joined: 23.10.2007 12:10
Posts: 2176
I use client config directories [ ccd ] , but it is depending on certificate common names (not clients)

F.


Top
Offline Profile  
Reply with quote  
 Post subject: Re: Client IP address allocation IPCop
PostPosted: 04.09.2009 19:52 
DES
DES

Joined: 14.04.2009 17:39
Posts: 7
Thanks for the pointer - much appreciated - also found another post
viewtopic.php?f=25&t=6461

In a nutshell:


Task: always allocate 10.10.1.17 to laptop7.
Solution: Associate a fixed IP with a client based on the client's "Common Name" which in my case is the same as the Client name (laptop7).

1. add to /var/ipcop/opvn/server.conf the path to where client specific options are located:
Code:
client-config-dir /var/ipcop/opvn/ccd


2. make the new directory /var/ipcop/opvn/ccd

3. add a client configuration file with the same name as the "Common Name" for each client you want to have custom options (in my case a file called laptop7) in the new directory.

4. content of this file to allocate laptop7 an IP address of 10.10.1.17:

Code:
route 10.10.1.0 255.255.255.0
ifconfig-push 10.10.1.17 10.10.1.18


The OpenVPN Subnet is referenced in the first line- in my case 10.10.1.0 255.255.255.0

The second line contains two ip addresses the first one assigns and pushes the ip address 10.10.1.17 to the client the other address specified 10.10.1.18 is assigned internally to the OpenVPN server.

The file content is rechecked every time the client connects so you can change the file content and changes will be seen on the next connection.

notes
i. changes on the web interface will overwrite server.conf and remove the line you added in step 1.
ii. The windows open vpn tun client only supports a subnet mask of 255.255.255.252 which limits your options to a subnet with 4 IP addresses only 2 of which are usable as host addresses for the client - so in the above example you can either have 10.10.1.17 or 10.10.1.18 for the client .16 and .19 are either end of the subnet and will result in an error of "Connection refused (code=111)"


:D


Top
Offline Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 3 posts ]  Moderator: Moderators

All times are UTC


Who is online

Users browsing this forum: No registered users and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group
Theme created StylerBB.net