--client-config-dir problems
Posted: Fri Nov 26, 2010 9:59 am
Hi,
I have a server setup with --client-config-dir option in the configuration file.
I noticed sometimes (don't know in which circumstances) client files are automatically created in the config directory. The content is the following:
ifconfig-push 10.20.136.6 255.255.255.0
Once such a file is created the user can't connect any more. The client log shows the following:
Thu Nov 25 11:46:22 2010 WARNING: Since you are using --dev tun with a point-to-point topology, the second argument to --ifconfig must be an IP address. You are using something (255.255.255.0) that looks more like a netmask. (silence this warning with --ifconfig-nowarn)
Thu Nov 25 11:46:22 2010 There is a problem in your selection of --ifconfig endpoints [local=10.20.136.6, remote=255.255.255.0]. The local and remote VPN endpoints must exist within the same 255.255.255.252 subnet. This is a limitation of --dev tun when used with the TAP-WIN32 driver. Try 'openvpn --show-valid-subnets' option for more info.
Thu Nov 25 11:46:22 2010 Exiting
It seems like the information in the config dir file is used incorrectly as local and remote ips while it is actually an ip and a netmask.
Clients are Windows Vista/7 machines with the latest stable openvpn. Server is linux with openvpn 2.1.0.
I have a server setup with --client-config-dir option in the configuration file.
I noticed sometimes (don't know in which circumstances) client files are automatically created in the config directory. The content is the following:
ifconfig-push 10.20.136.6 255.255.255.0
Once such a file is created the user can't connect any more. The client log shows the following:
Thu Nov 25 11:46:22 2010 WARNING: Since you are using --dev tun with a point-to-point topology, the second argument to --ifconfig must be an IP address. You are using something (255.255.255.0) that looks more like a netmask. (silence this warning with --ifconfig-nowarn)
Thu Nov 25 11:46:22 2010 There is a problem in your selection of --ifconfig endpoints [local=10.20.136.6, remote=255.255.255.0]. The local and remote VPN endpoints must exist within the same 255.255.255.252 subnet. This is a limitation of --dev tun when used with the TAP-WIN32 driver. Try 'openvpn --show-valid-subnets' option for more info.
Thu Nov 25 11:46:22 2010 Exiting
It seems like the information in the config dir file is used incorrectly as local and remote ips while it is actually an ip and a netmask.
Clients are Windows Vista/7 machines with the latest stable openvpn. Server is linux with openvpn 2.1.0.