Page 1 of 1

[solved] Two clients got the same IP

Posted: Fri Jan 07, 2011 3:07 pm
by max@OpenVPN
Hello,

Here is my problem:
When connecting to my OpenVPN server, my client gets the IP 10.8.0.6.
Next a friend of mine connects and gets IP 10.8.0.10.
So far, there aren't any problems.

But there are clients, which get an IP which was already given to a client which is still connected.
e.g.
First client connects and gets IP 10.8.0.6.
Second client connects and gets IP 10.8.0.6 too, although first client is still connected.

Why do two clients got the same IP? Can somebody please help me?

Kind regards,
Markus

# Server Config
port 1194
proto udp
dev tun
dev-node OpenVPN
ca .\\..\\easy-rsa\\keys\\ca.crt
cert .\\..\\easy-rsa\\keys\\server.crt
key .\\..\\easy-rsa\\keys\\server.key
dh .\\..\\easy-rsa\\keys\\dh1024.pem
server 10.8.0.0 255.255.255.0
client-to-client
keepalive 10 120
comp-lzo
persist-key
persist-tun
status openvpn-status.log
verb 6

# Client 01 Config (each client has unique *.crt and *.key file)
client
dev tun
dev-node OpenVPN
proto udp
remote myserver.com 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca .\\..\\easy-rsa\\keys\\ca.crt
cert .\\..\\easy-rsa\\keys\\client_01.crt
key .\\..\\easy-rsa\\keys\\client_01.key
ns-cert-type server
comp-lzo
verb 6

Re: Two clients got the same IP

Posted: Fri Jan 07, 2011 3:15 pm
by gladiatr72
What does the contents of your ipp.txt file look like?

-Stephen

Re: Two clients got the same IP

Posted: Fri Jan 07, 2011 3:19 pm
by max@OpenVPN
Hi Stephen,
I'm not using an IPP.txt File.
Do I have to?
Markus

Re: Two clients got the same IP

Posted: Fri Jan 07, 2011 3:29 pm
by gladiatr72
Have to... have to... Yeah. I'm gonna say that you really do. Just add the following to your server.conf and restart openvpn:

Code: Select all

ifconfig-pool-persist ipp.txt
All this does is is maintain a file (called ipp.txt in this case) that maps the cn of your client cert to an IP on your VPN network. I can almost guarantee this is the cause of your address collision problem.

-S

Re: Two clients got the same IP

Posted: Fri Jan 07, 2011 3:52 pm
by max@OpenVPN
Hi Stephen,
OK, now an ipp.txt is created after I restarted the server -> content: <server hostname>, 10.8.0.4.
Then I connected with two clients -> both got IP 10.8.0.6; ipp.txt wasn't updated.
Markus

Re: Two clients got the same IP

Posted: Fri Jan 07, 2011 4:18 pm
by gladiatr72
Heya,

Please set verb 4 in server.conf and one of your client.conf files, restart the server, then reconnect the clients then post the logs from the server and one client.

-Stephen

Re: Two clients got the same IP

Posted: Fri Jan 07, 2011 5:00 pm
by max@OpenVPN
Hi Stephan,
I'm not allowed to attach files - what can I do? I didn't find help in forum FAQ.
Markus

Re: Two clients got the same IP

Posted: Fri Jan 07, 2011 6:59 pm
by max@OpenVPN
Hi Stephan,
thanks a lot for your support.
I've got the resolution:
For each client, I generated a unique certificate/key, but I always used the same CN. So, when the second client connected, the first client was dropped (*), because of identical CN OpenVPN thought, client 1 and 2 were one client.
(*):
MULTI: new connection by client 'oporto' will cause previous active sessions by this client to be dropped.
Kind regards,
Markus