OpenVPN with PAM authorization in Ubuntu 11.04.

Need help configuring your VPN? Just post here and you'll get that help.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
d3v1ous
OpenVpn Newbie
Posts: 3
Joined: Sat May 21, 2011 3:43 pm

OpenVPN with PAM authorization in Ubuntu 11.04.

Post by d3v1ous » Sat May 21, 2011 3:52 pm

Hello, im using OpenVPN with PAM authorization in Ubuntu 11.04. Everything is ok, but i want to give static ip address of my clients.

The server configuration files is as follow:

Code: Select all

root@server:/etc/openvpn# cat server.conf
port 1194
proto udp
dev tun
ca /etc/openvpn/easy-rsa/keys/ca.crt
cert /etc/openvpn/easy-rsa/keys/server.crt
key /etc/openvpn/easy-rsa/keys/server.key
dh /etc/openvpn/easy-rsa/keys/dh1024.pem
server 10.10.10.0 255.255.255.0
client-to-client
status openvpn-status.log
plugin /usr/lib/openvpn/openvpn-auth-pam.so common-auth
client-cert-not-required

username-as-common-name
client-config-dir /etc/openvpn/client-configs
root@server:/etc/openvpn#
And the client configuration file for static ip assign:

Code: Select all

root@server:/etc/openvpn# cat client-configs/client
ifconfig-push 10.10.10.1 10.10.10.5
root@server:/etc/openvpn#
In /etc/passwd i have:

Code: Select all

root@server:/etc/openvpn# grep client /etc/passwd
client:x:1001:1001::/dev/null:/bin/false
Client have only ca.crt file of the server. And the config file is look like this:

Code: Select all

root@client:/etc/openvpn# cat client.conf
client
port 1194
proto udp
dev tun
remote 192.168.0.4
ca "/etc/openvpn/keys/ca.crt"
auth-user-pass
root@client:/etc/openvpn#
With this configuration the client should get 10.10.10.5, but get 10.10.10.6 - i don't know why.
In server.log i see this (maybe i have problem with client recognition).

Code: Select all

root@server:/etc/openvpn# cat openvpn-status.log
OpenVPN CLIENT LIST
Updated,Sat May 21 18:51:57 2011
Common Name,Real Address,Bytes Received,Bytes Sent,Connected Since
UNDEF,192.168.0.5:1194,12834,31234,Sat May 21 18:08:17 2011
ROUTING TABLE
Virtual Address,Common Name,Real Address,Last Ref
10.10.10.6,UNDEF,192.168.0.5:1194,Sat May 21 18:38:49 2011
GLOBAL STATS
Max bcast/mcast queue length,0
END
root@server:/etc/openvpn#
Can somebody help me?
Top
User avatar
janjust
Forum Team
Posts: 2703
Joined: Fri Aug 20, 2010 2:57 pm
Location: Amsterdam
Contact:
Contact janjust

Re: OpenVPN with PAM authorization in Ubuntu 11.04.

Post by janjust » Sat May 21, 2011 4:26 pm

your problem is not with PAM authorization, but with your client config file; you are using the "default" addressing mode in openvpn, which means each client gets assigned a miniature /30 network: the first client is assigned 10.10.10.6, the second 10.10.10.10, +4 every time.

you can switch to linear addressing mode by adding

Code: Select all

topology subnet
to the server config file ; your CCD file would then look like this

Code: Select all

ifconfig-push 10.10.10.5 255.255.255.0
Top
d3v1ous
OpenVpn Newbie
Posts: 3
Joined: Sat May 21, 2011 3:43 pm

Re: OpenVPN with PAM authorization in Ubuntu 11.04.

Post by d3v1ous » Sat May 21, 2011 7:32 pm

janjust many thanks. Everything is ok now.

Again - thank you.
Top
Post Reply

Return to “Configuration”