Page 1 of 1

IP assigned randomly

Posted: Tue Apr 16, 2013 11:24 am
by imjebran
Hello,

My config file is.
tls-server
port 53
proto udp
topology subnet
dev tun
client-cert-not-required
username-as-common-name
ca "C:\\Program Files\\xxxx.crt"
cert "C:\\Program Files\\xxxxr.crt"
key "C:\\Program Files\\xxxxx.key"
dh "C:\\Program Files\\xxxxx.pem"
server xx.xxx.xx.224 255.255.255.224
push "redirect-gateway def1 bypass-dhcp"
cipher AES-256-CBC
push "dhcp-option DNS 208.67.222.222"
push "dhcp-option DNS 8.8.4.4"
duplicate-cn
keepalive 10 120
tls-auth xxx.key 0 # This file is secret
comp-lzo
persist-key
persist-tun
status openvpn-status.log
management localhost 7505
log-append openvpn.log
verb 3
mute 20
route-method exe
script-security 3
auth-user-pass-verify "C:/xx/xxx.exe C:/xxx.php" via-file
How can I set openVPN assigned randomly IPs from this pool xx.xxx.xx.224 255.255.255.224.

Regards,
Jebran.

Re: IP assigned randomly

Posted: Tue Apr 16, 2013 1:20 pm
by janjust
normally, OpenVPN assigns addresses linearly; if you want to make it random you can use a 'client-connect' script to assign a random IP address . In this case you'd need to keep track of the assigned IPs yourself (in order to prevent the same IP from being handed out twice).

Re: IP assigned randomly

Posted: Wed Apr 17, 2013 8:06 am
by imjebran
Hello Janjust,

Can you please advise any link from where I can get idea to apply this.


Regards,
Jebran.

Re: IP assigned randomly

Posted: Wed Apr 17, 2013 8:44 am
by janjust
for Windows servers, I have no idea - my best bet would be some PowerShell script , or perhaps even PHP - you seem to be using that already.

Re: IP assigned randomly

Posted: Wed Apr 17, 2013 9:56 am
by imjebran
Thanks for the advise, can you provide any example script of linux based OpenVPN server.

Re: IP assigned randomly

Posted: Wed Apr 17, 2013 10:36 am
by janjust
I'd use 'topology subnet' to assing IPs and the rough idea for the client-connect would be something like

Code: Select all

#!/bin/bash

num_attempts=10

while [ $num_attempts -gt 0 ]
do
  POOL=192.168.100
  # generate the last IP digits randomly between 16 and 48
  RANDIP=$POOL.`echo 16+32*$RANDOM/32768 | bc`

  # not taken yet?
  if [ ! -r /etc/openvpn/ip-pool/$RANDIP ]
  then
    # take it
    touch /etc/openvpn/ip-pool/$RANDIP
    # write out the ifconfig line to $1 which is picked up by openvpn
    echo "push \"ifconfig $RANDIP 255.255.255.0\"" > $1
  fi

  let num_attempts--
done

echo "ERROR: could not assign a random address in 10 attempts - aborting!" 1>&2
and a 'client-disconnect' would delete the assigned IP:

Code: Select all

#!/bin/bash

rm -f /etc/openvpn/ip-pool/$ifconfig_pool_remote_ip

Re: IP assigned randomly

Posted: Wed Apr 17, 2013 11:20 am
by imjebran
it will be helpful for us,

Thanks,
Jebran.