Community Support Forum
 
  OpenVPN.net  •  Forum Index  •  FAQ  

It is currently Wed Apr 16, 2014 7:02 pm


Forum rules


If you would like help, here is a few things you will want to do in order to help us help you.

**Post your configs from client and server, without comments. you can strip comments in linux/bsd with something like this:
grep -vE '^#|^;|^$' server.conf
**Tell us your goal.
**If you are having problems connecting, post your logfiles from server and client after using verb 4 in both configs


Also, there are 2 things you should be aware of:

**Sometimes you cannot avoid tunneling over tcp, but if you can avoid it, DO. Why TCP Over TCP Is A Bad Idea: http://sites.inka.de/~bigred/devel/tcp-tcp.html
**You ONLY want to use dev tap if you are tunneling layer2 traffic, if you are using IP traffic you want tun. If you are using tap only for windows file sharing, look into running a WINS server instead.



Post new topic Reply to topic  [ 5 posts ] 
 OpenVPN and DHCP 
Author Message
 Post subject: OpenVPN and DHCP
PostPosted: Tue Jun 26, 2012 11:44 pm 
OpenVPN Power User

Joined: Wed Oct 19, 2011 1:19 am
Posts: 79
i want to have my DHCP server assign IPs to clients connecting over the vpn. i am using TAP mode, and have the tap0 interface bridged to the appropriate ethernet interface. brctl shows both interfaces on br0. i keep getting this error in the logs:
Code:
no dynamic or static remote --ifconfig address is available for
and no ip is assigned to the client. no entries show up in the dhcp server logs, so the request does not even seem to be making it out at all.

server config:
Code:
mode server
tls-server
port 1194
proto udp
dev tap
ca ca.crt
cert vpn.crt
key vpn.key
dh dh2048.pem
cipher AES-256-CBC
push "redirect-gateway def1"
keepalive 10 120
comp-lzo
user nobody
group nobody
ping-timer-rem
persist-tun
persist-key
verb 4
mute 20
client config:
Code:
client
dev tap
proto udp
remote vpn.bpk2.com
resolv-retry infinite
keepalive 10 120
ping-timer-rem
persist-tun
persist-key
ca ca.crt
crt host.crt
key host.key
remote-cert-tls server
cipher AES-256-CBC
pull
comp-lzo
verb 4
mute 20
explicit-exit-notify 2
do i have a mis-match on some of my config directives? the service starts fine, but the client connection does not get an IP assigned.


Offline
 Profile  
 
 Post subject: Re: OpenVPN and DHCP
PostPosted: Wed Jun 27, 2012 1:44 am 
OpenVPN Power User

Joined: Wed Oct 19, 2011 1:19 am
Posts: 79
just thought of this, do i need to turn on ip forwarding via sysctl? would that make a difference?


Offline
 Profile  
 
 Post subject: Re: OpenVPN and DHCP
PostPosted: Wed Jun 27, 2012 11:28 am 
OpenVpn Newbie

Joined: Mon Jun 25, 2012 7:35 am
Posts: 2
Hello,

You need to enable DHCP-proxy mode on your OpenVPN server config

Code:
server-bridge


See the man page for complete description,
hope this helps.


Offline
 Profile  
 
 Post subject: Re: OpenVPN and DHCP
PostPosted: Wed Jun 27, 2012 10:27 pm 
OpenVPN Power User

Joined: Wed Oct 19, 2011 1:19 am
Posts: 79
i have added the server-bridge directive, with no options, and restarted the service. i still get no dhcp assigned address on the client and the dhcp server does not show any attempt to pull an address.


Offline
 Profile  
 
 Post subject: Re: OpenVPN and DHCP
PostPosted: Tue Jul 03, 2012 12:20 pm 
OpenVPN Power User

Joined: Wed Oct 19, 2011 1:19 am
Posts: 79
the following config allows me to connect and receive an IP, but it is not from my dhcp server, so the ddns updates i have configured are not occuring. what am i missing in the config when i only specify the server-bridge directive with no options? there are no attempts to communicate with the dhcp server at all?
Code:
mode server
tls-server
port 1194
proto udp
dev tap0
ca ca.crt
cert vpn.crt
key vpn.key
dh dh2048.pem
cipher AES-256-CBC
server-bridge 192.168.50.254 255.255.255.0 192.168.50.50 192.168.50.99
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1"
push "dhcp-option DNS 192.168.50.1"
push "dhcp-option DNS 192.168.25.1"
push "dhcp-option WINS 192.168.25.1"
keepalive 10 120
comp-lzo
user nobody
group nobody
ping-timer-rem
persist-tun
persist-key
verb 4
mute 20


Offline
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 5 posts ] 


 Who is online 

Users browsing this forum: No registered users and 0 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Jump to:  


phpBB SEO
[ Time : 0.197s | 12 Queries | GZIP : On ]

 
Index  |  FAQ


Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group