OpenVPN server configs not fully working
|Reported by:||phlegmer||Owned by:||somebody|
|Keywords:||OpenVPN Server Config||Cc:|
According to the OpenVPN Manual (http://openvpn.net/index.php/documentation/manuals/69-openvpn-21.html), a pool of addresses can be set aside for VPN clients. Also, the server should be able to push the gateway's address to the clients using the following server config syntax:
server-bridge 10.8.0.4 255.255.255.0 10.8.0.200 10.8.0.254
10.8.0.4 = gateway
255.255.255.0 = subnet mask
10.8.0.200 10.8.0.254 = the VPN client IP range
The expanded syntax in the server config is as follows:
ifconfig-pool 10.8.0.200 10.8.0.254 255.255.255.0
push "route-gateway 10.8.0.4"
I've tested using a range that is inside the router's DHCP defined range and also outside. I always end up with an IP that was not defined in the server config. Pushing the gateway seems to sort of work. The gateway does get set on the client. However, when trying to do a "redirect-gateway" from the client, it fails to route all traffic through the VPN gateway while using TAP. The same exact result occurs if either type of syntax is omitted from the server configs, which leads me to believe that this is broken.
The issue has also been noted in this thread http://www.dd-wrt.com/phpBB2/viewtopic.php?t=37518
Note: the server-bridge line sets up a DHCP pool for the VPN. However, in my experience, at best, the client would only end up getting the IP from the DHCP server running on the router for WLAN/LAN and not from this pool.
If the "route-gateway" is hardcoded in the client's configs (not pushed from the server config), the "redirect-gateway" does work.
Defining a range specific for OpenVPN clients does not appear to function at all.
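The following is an added example, not part of the original ticket or of the DD-WRT or OpenVPN code: it parses the server-bridge line quoted above, produces the two expanded directives the ticket lists, and checks the pool for consistency before the config is deployed. The LAN DHCP range passed to check() is a constructed value, and the function names are hypothetical; the script validates the config text only and does not reproduce the firmware behaviour reported here.

```python
import ipaddress
import shlex

# Directive exactly as quoted in the ticket.
TICKET_LINE = "server-bridge 10.8.0.4 255.255.255.0 10.8.0.200 10.8.0.254"

def parse_server_bridge(line):
    """Parse 'server-bridge gateway netmask pool-start pool-end'."""
    parts = shlex.split(line, comments=True)  # drops trailing '# ...' comments
    if len(parts) != 5 or parts[0] != "server-bridge":
        raise ValueError("expected: server-bridge gateway netmask pool-start pool-end")
    gateway, start, end = (ipaddress.IPv4Address(parts[i]) for i in (1, 3, 4))
    # strict=False: the gateway is a host address inside the network.
    network = ipaddress.IPv4Network(f"{gateway}/{parts[2]}", strict=False)
    return gateway, network, start, end

def expand(line):
    """Return the pool and gateway directives listed in the ticket."""
    gateway, network, start, end = parse_server_bridge(line)
    return [f"ifconfig-pool {start} {end} {network.netmask}",
            f'push "route-gateway {gateway}"']

def check(line, dhcp_start=None, dhcp_end=None):
    """Return a list of consistency problems; an empty list means none found."""
    gateway, network, start, end = parse_server_bridge(line)
    problems = []
    if start > end:
        problems.append("pool start is above pool end")
    for name, addr in (("pool start", start), ("pool end", end)):
        if addr not in network:
            problems.append(f"{name} {addr} is outside {network}")
    if start <= gateway <= end:
        problems.append(f"gateway {gateway} lies inside the client pool")
    if dhcp_start and dhcp_end:
        lo = ipaddress.IPv4Address(dhcp_start)
        hi = ipaddress.IPv4Address(dhcp_end)
        if start <= hi and lo <= end:  # closed intervals intersect
            problems.append(f"pool overlaps LAN DHCP range {lo}-{hi}")
    return problems

if __name__ == "__main__":
    print("\n".join(expand(TICKET_LINE)))
    # Constructed LAN DHCP range, chosen to overlap the VPN pool.
    for problem in check(TICKET_LINE, "10.8.0.100", "10.8.0.220"):
        print("WARNING:", problem)
```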