I have a working OpenVPN Server using the following server configuration:
Code: Select all
port PORT
proto udp
dev tun
ca ca.crt
cert server.crt
dh dh.pem
crl-verify crl.pem
topology subnet
server 10.XX.0.0 255.255.0.0
ifconfig-pool-persist /var/log/openvpn/ipp.txt
client-config-dir ccd
push "redirect-gateway def1"
push "dhcp-option DNS 10.XX.0.1"
client-to-client
keepalive 10 120
cipher AES-256-CBC
auth SHA256
user nobody
group nogroup
persist-key
persist-tun
status /var/log/openvpn/openvpn-status.log
verb 4
mute 10
mute-replay-warnings
explicit-exit-notify 1
Code: Select all
client
dev tun
proto udp
remote SERVER PORT
resolv-retry infinite
nobind
persist-key
persist-tun
key-direction 1
remote-cert-tls server
cipher AES-256-CBC
auth SHA256
key-direction 1
verb 3
<ca>
</ca>
<cert>
<key>
</key>
<tls-auth>
-----BEGIN OpenVPN Static key V1-----
-----END OpenVPN Static key V1-----
</tls-auth>
Code: Select all
ifconfig-push 10.XX.0.72 255.255.0.0
I want to create some profiles to redirect only DNS request trough the VPN
To achieve this I created client configuration files like:
Code: Select all
ifconfig-push 10.XX.64.2 255.255.255.255
push-reset
push "dhcp-option DNS 10.XX.0.1"
push "route 10.XX.0.1 255.255.255.255"
TUN Error: tun_prop_error: ifconfig addresses are not in the same /30 subnet (topology net30)
EVENT: TUN_SETUP_FAILED info='tun_prop_error: ifconfig addresses are not in the same /30 subnet (topology net30)
any idea why I get this net30 error in the Android client when I'm using subnet topology ?
any idea how to fix it?
do I need to specify net topology in the client configuration? I currently don't do it for the "full VPN" case and it works fine
Thanks