The physical setup is a couple of IP-cameras plugged into the embedded Linux device. Each camera has a static IP on the same subnet as the Linux device. Internet access comes from a wireless connection (happens to be Verizon LTE in this case) with a public-facing IP address. I need to be able to connect to the device from anywhere in the world and directly access the IP cameras.
Now I've been asked to change the server's LAN static IP address to 169.254.87.1. All I did was change the network configuration file in OpenWRT (/etc/config/network) on the server to the new static IP address. Now when I connect the client to the server, the client does not get an IP address. Consequently, I can't access anything on the VPN network.
Why would the VPN connection care what the static IP of the server's LAN interface is? For that matter, how did the OpenVPN server even know to assign the client an address in that subnet? I never explicitly told it to (even though that's exactly what I wanted it to do).
Here's the contents of /etc/config/openvpn on the server:
Code: Select all
config openvpn 'myvpn'
option enabled '1'
option verb '3'
option proto 'udp'
option port '1194'
option dev 'tap'
option mode 'server'
option tls_server '1'
list push 'route-gateway dhcp'
option keepalive '10 120'
option ca '/etc/openvpn/ca.crt'
option cert '/etc/openvpn/server.crt'
option key '/etc/openvpn/server.key'
option dh '/etc/openvpn/dh2048.pem'
option log '/var/log/openvpn.log'
Code: Select all
config interface 'loopback'
option ifname 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'fd2b:8dce:12c7::/48'
config interface 'lan'
option type 'bridge'
option proto 'static'
option ipaddr '169.254.87.1' #<--- If I change this to 192.168.2.1, it magically works!
option netmask '255.255.255.0'
option ifname 'eth0 tap0'
config interface 'vpn0'
option ifname 'tap0'
option proto 'none'
option auto '1'
config interface 'wwan'
option ifname 'wwan0'
option proto 'dhcp'
config interface 'verizon'
option ifname 'wwan0'
option device '/dev/cdc-wdm0'
option apn 'WE01.VZWSTATIC'
option proto 'qmi'
Client config
dev tap
proto udp
log openvpn.log
verb 3
ca ca.crt
cert <crt file>
key <key file>
client
remote-cert-tls server
remote <server's public facing IP address> 1194
Please note, my configuration is based almost entirely on OpenWRT's beginner's guide to OpenVPN. Feel free to point out any obvious problems with my configuration