Server assigns client IPs for one subnet but not another

[rusttree]

I have a VPN server running on an embedded Linux computer with OpenWRT. I managed to get a basic server/client connection to work. When the client connects, the server assigns it an IP address in its subnet. I set a static IP on the server's LAN interface to be 192.168.2.1. When I connect a client, it correctly assigns the client an IP address in the range 192.168.2.XXX. I can ping the server and access all of the other devices connected to the server.

The physical setup is a couple of IP-cameras plugged into the embedded Linux device. Each camera has a static IP on the same subnet as the Linux device. Internet access comes from a wireless connection (happens to be Verizon LTE in this case) with a public-facing IP address. I need to be able to connect to the device from anywhere in the world and directly access the IP cameras.

Now I've been asked to change the server's LAN static IP address to 169.254.87.1. All I did was change the network configuration file in OpenWRT (/etc/config/network) on the server to the new static IP address. Now when I connect the client to the server, the client does not get an IP address. Consequently, I can't access anything on the VPN network.

Why would the VPN connection care what the static IP of the server's LAN interface is? For that matter, how did the OpenVPN server even know to assign the client an address in that subnet? I never explicitly told it to (even though that's exactly what I wanted it to do).

Here's the contents of /etc/config/openvpn on the server:

Code: Select all

config openvpn 'myvpn'
	option enabled '1'
	option verb '3'
	option proto 'udp'
	option port '1194'
	option dev 'tap'
	option mode 'server'
	option tls_server '1'
	list push 'route-gateway dhcp'
	option keepalive '10 120'
	option ca '/etc/openvpn/ca.crt'
	option cert '/etc/openvpn/server.crt'
	option key '/etc/openvpn/server.key'
	option dh '/etc/openvpn/dh2048.pem'
	option log '/var/log/openvpn.log'

Here's the contents of /etc/config/network on the server:

Code: Select all

config interface 'loopback'
	option ifname 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option ula_prefix 'fd2b:8dce:12c7::/48'

config interface 'lan'
	option type 'bridge'
	option proto 'static'
	option ipaddr '169.254.87.1'    #<--- If I change this to 192.168.2.1, it magically works!
	option netmask '255.255.255.0'
	option ifname 'eth0 tap0'

config interface 'vpn0'
	option ifname 'tap0'
	option proto 'none'
	option auto '1'

config interface 'wwan'
        option ifname 'wwan0'
        option proto 'dhcp'

config interface 'verizon'
        option ifname 'wwan0'
        option device '/dev/cdc-wdm0'
        option apn 'WE01.VZWSTATIC'
        option proto 'qmi'

And the client's conf file:

View OriginalClient config

dev tap
proto udp

log openvpn.log
verb 3

ca ca.crt
cert <crt file>
key <key file>

client
remote-cert-tls server
remote <server's public facing IP address> 1194

Please note, my configuration is based almost entirely on OpenWRT's beginner's guide to OpenVPN. Feel free to point out any obvious problems with my configuration

[TinCanTech]

Feel free to point out any obvious problems

You said it ..

I've been asked to change the server's LAN static IP address to 169.254.87.1

[rusttree]

Would you mind elaborating?

[TinCanTech]

https://duckduckgo.com/?q=169.254&t=hb&ia=web