Strange behavior with ccd files

sfoutrel · Post by **sfoutrel** » Tue Dec 12, 2017 12:36 pm

Hello,
I am using openvpn 2.3.4 from Debian Jessie.
I recently had some users complaining they can't connect anymore.
I found created files named after their common names with an incorrect configuration in each file.
the files contains a ifconfig-push line with ip and netmask related to a /31 config but the server is configured to use a /26 subnet topology.
Is there a way to block clients to push those configs ?
or prevent the server from generating those files that are incorrect according to the server config ?
Thanks for your help.

TinCanTech · Post by **TinCanTech** » Tue Dec 12, 2017 1:21 pm

Openvpn does not create --client-config-dir files for you.
Either you created them or some other 3rd party did.

sfoutrel · Post by **sfoutrel** » Tue Dec 12, 2017 2:37 pm

Can it be "pushed" by clients ?
No one is connecting to these servers to create them.
I forgot to mention that we use openvpn-radiusplugin

sfoutrel · Post by **sfoutrel** » Tue Dec 12, 2017 3:25 pm

Answer to myself, after some research it may be related to overwriteccfiles=false from the openvpn-radiusplugin

Post by **Pippin** » Tue Dec 12, 2017 9:41 pm

That seems to be the case on a Synology NAS too.
Since overwriteccfiles=false, I would think that Radius will write a client specific file (like ccd) to remember that clients tunnel IP. Have you tried overwriteccfiles=true? It would not create these files in that case.
What directory are these files being stored?

OpenVPN Support Forum

Strange behavior with ccd files

Strange behavior with ccd files

Re: Strange behavior with ccd files

Re: Strange behavior with ccd files

Re: Strange behavior with ccd files

Re: Strange behavior with ccd files