Hello,
I am using openvpn 2.3.4 from Debian Jessie.
I recently had some users complaining they can't connect anymore.
I found created files named after their common names with an incorrect configuration in each file.
the files contains a ifconfig-push line with ip and netmask related to a /31 config but the server is configured to use a /26 subnet topology.
Is there a way to block clients to push those configs ?
or prevent the server from generating those files that are incorrect according to the server config ?
Thanks for your help.
Strange behavior with ccd files
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech
-
- OpenVpn Newbie
- Posts: 3
- Joined: Tue Dec 12, 2017 11:26 am
-
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
Re: Strange behavior with ccd files
Openvpn does not create --client-config-dir files for you.
Either you created them or some other 3rd party did.
Either you created them or some other 3rd party did.
-
- OpenVpn Newbie
- Posts: 3
- Joined: Tue Dec 12, 2017 11:26 am
Re: Strange behavior with ccd files
Can it be "pushed" by clients ?
No one is connecting to these servers to create them.
I forgot to mention that we use openvpn-radiusplugin
No one is connecting to these servers to create them.
I forgot to mention that we use openvpn-radiusplugin
-
- OpenVpn Newbie
- Posts: 3
- Joined: Tue Dec 12, 2017 11:26 am
Re: Strange behavior with ccd files
Answer to myself, after some research it may be related to overwriteccfiles=false from the openvpn-radiusplugin
- Pippin
- Forum Team
- Posts: 1201
- Joined: Wed Jul 01, 2015 8:03 am
- Location: irc://irc.libera.chat:6697/openvpn
Re: Strange behavior with ccd files
That seems to be the case on a Synology NAS too.
Since overwriteccfiles=false, I would think that Radius will write a client specific file (like ccd) to remember that clients tunnel IP. Have you tried overwriteccfiles=true? It would not create these files in that case.
What directory are these files being stored?
Since overwriteccfiles=false, I would think that Radius will write a client specific file (like ccd) to remember that clients tunnel IP. Have you tried overwriteccfiles=true? It would not create these files in that case.
What directory are these files being stored?