The problem was I forgot to add ``client`` to the client config.
Hello,
I have a server in TUN mode and a couple of clients (also in TUN mode). All clients use the same private key (those are two SOHO routers, both mine, so not a problem, and I do not have client-specific settings).
I want the server to assign IP addresses to clients, or I can hardcode an IP address for each client. I am OK with either solution.
I started with a pool:
Server Config
```
dev tun
mode server
tls-server
server 172.16.1.0 255.255.255.0
topology net30
port 8443
proto tcp-server
keepalive 10 60
duplicate-cn
dh /usr/share/easy-rsa/3/pki/dh.pem
ca /usr/share/easy-rsa/3/pki/ca.crt
cert /usr/share/easy-rsa/3/pki/issued/server.crt
key private.server.key
remote-cert-eku "TLS Web Client Authentication"
```
Here is the client:
Client Config
```
tls-client
remote MYIP 8443 tcp-client
dev tun
cipher AES-256-GCM
connect-retry 15
remote-cert-eku "TLS Web Server Authentication"
connect-retry-max infinite
keepalive 10 60
resolv-retry infinite
<ca>
...
```
Client connects, but doesn't set any IP for ``tun0``, hence there is no connectivity. Is
OK, I added this line to the client:
Client Config
```
ifconfig 172.16.1.3 255.255.255.0
```
and removed the "server" section from the server.
The client now has an IP, but the server is unaware of it. Again: no connectivity.
It seems that I am missing something very simple but very important)
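
The missing ``client`` line named at the top of this post can be caught before deployment. The following is an added example, not part of the original post: a small Python check that reports why a client config would not take its tunnel address from the server, relying on the documented behaviour that ``client`` is shorthand for ``pull`` plus ``tls-client``. The function names and the sample configs are constructed for illustration.

```python
import shlex

# 'client' is a helper directive: OpenVPN expands it to 'pull' + 'tls-client'.
EXPANSIONS = {"client": {"pull", "tls-client"}}

def parse_directives(text):
    """Map directive -> argument list, skipping comments and inline <ca>-style blocks."""
    found, closing = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if closing:                               # inside an inline block such as <ca>
            closing = None if line == closing else closing
            continue
        if line.startswith("<") and line.endswith(">") and not line.startswith("</"):
            closing = "</" + line[1:]
            continue
        words = shlex.split(line, comments=True)  # handles quotes and '#' comments
        if words and not words[0].startswith(";"):
            found[words[0]] = words[1:]
    return found

def pull_problems(text):
    """Return reasons why this client would not take its tunnel address from the server."""
    found = parse_directives(text)
    effective = set(found)
    for helper, implied in EXPANSIONS.items():
        if helper in found:
            effective |= implied
    problems = []
    if "pull" not in effective:
        problems.append("no 'client' or 'pull': options pushed by the server are not applied")
        if "ifconfig" in found:
            problems.append("static 'ifconfig' set locally: the server does not know this address")
    if "tls-client" not in effective:
        problems.append("no 'client' or 'tls-client': TLS client role is not enabled")
    return problems

# Constructed samples based on the client config in the post (certificate body elided).
BROKEN = 'tls-client\nremote MYIP 8443 tcp-client\ndev tun\n' \
         'remote-cert-eku "TLS Web Server Authentication"\n<ca>\n(certificate)\n</ca>\n'
FIXED = "client\n" + BROKEN.replace("tls-client\n", "", 1)
STATIC = BROKEN + "ifconfig 172.16.1.3 255.255.255.0\n"

if __name__ == "__main__":
    for name, cfg in (("broken", BROKEN), ("fixed", FIXED), ("static", STATIC)):
        print(name, pull_problems(cfg) or "ok")
```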