Page 1 of 1
[SOLVED] Client has no ip addressed assigned
Posted: Tue Oct 04, 2011 12:29 pm
by hudony
Hi,
I'm using bridged openvpn server and the openvpn 'dhcp' emulation (server-bridge instruction in my server.conf) to assign ip addresses to my clients. When I connect to it, I see no errrors in logs and everthing seems to be fine. However, the tap0 interface on the client side has no ip address assigned.
If I set up one manually using ifconfig, it works fine and I can browser my local network.
Any idea anyone?
Re: Client has no ip addressed assigned
Posted: Tue Oct 04, 2011 12:51 pm
by janjust
this is "by design" : server-bridge + remote DHCP has the side effect that the openvpn client does not bring up the tap0 interface by itself - this is left to the OS; on windows this is done automagically, on linux you need to run something like 'dhclient tap0' ; this can be added to the client config using
Code: Select all
script-security 2
up /sbin/dhclient tap0
Re: Client has no ip addressed assigned
Posted: Tue Oct 04, 2011 2:14 pm
by hudony
Thanks for the answer.
So I can only, if using linux, get an ip from my dhcp server so not from the range defined in the server-bridge instruction?
Re: Client has no ip addressed assigned
Posted: Tue Oct 04, 2011 2:29 pm
by janjust
whoops I may have misread you:
if you use
Code: Select all
server-bridge 10.8.0.1 255.255.255.0 10.8.0.100 10.8.0.200
or something similar then the VPN client
Is assigned an address from the 'server-bridge' address pool.
Re: Client has no ip addressed assigned
Posted: Tue Oct 04, 2011 2:40 pm
by hudony
Weird :
I have server-bridge
Code: Select all
172.16.0.1 255.255.255.0 172.16.0.90 172.16.0.99
in my server.conf but as I said, I got no ip. When I do
, I receive one but I guess it then comes from the real dhcp server not the openvpn server ip pool.
Re: Client has no ip addressed assigned
Posted: Tue Oct 04, 2011 4:16 pm
by Mimiko
Will be interesting to see client log with verb 3 where it must ask for ip.
Re: Client has no ip addressed assigned
Posted: Tue Oct 04, 2011 4:23 pm
by hudony
Here is a pastebin :
http://pastebin.com/MhrUhwiF
Note that I did ctrl+c at the end.
Re: Client has no ip addressed assigned
Posted: Tue Oct 04, 2011 4:40 pm
by Mimiko
After using dhclient what ip does tap0 get?
Did you check the firewall on server, may be it blocks input or output packets on bridge for tap end.
Re: Client has no ip addressed assigned
Posted: Tue Oct 04, 2011 4:54 pm
by hudony
I receive 172.16.0.241 so obviously not coming from the openvpn pool.
Ya, i used iptables but I was sure everything was correctly set up :
Not that all INPUT and FORWARD are dropped by default :
#OPENVPN
iptables -A INPUT -i $EXTERNAL_INT -m state --state NEW,ESTABLISHED,RELATED -p udp --dport 1194 -j ACCEPT
iptables -A INPUT -i tap0 -j ACCEPT
iptables -A INPUT -i br0 -j ACCEPT
iptables -A FORWARD -i br0 -j ACCEPT
iptables -A FORWARD -i $EXTERNAL_INT -o br0 -m state --state ESTABLISHED,RELATED -j ACCEPT
Re: Client has no ip addressed assigned
Posted: Tue Oct 04, 2011 5:28 pm
by Mimiko
Interesting problem you have. Can you also check firewall on client for tun adapter?
Show complet server config, the log, the routing table, the interface configuration, and the output of iptables -L -n and iptables -L -t nat.
Re: Client has no ip addressed assigned
Posted: Tue Oct 04, 2011 8:03 pm
by hudony
Re: Client has no ip addressed assigned
Posted: Tue Oct 04, 2011 9:24 pm
by janjust
your client config contains only 'tls-client', not 'client' : the result is that settings from the server are not pulled in (which I also could not find in the cllient log).
Either use
or add
to the client config file.
Re: Client has no ip addressed assigned
Posted: Wed Oct 05, 2011 12:21 pm
by hudony
That did it!
Thank you guys for your fast answers. Now I'm getting an ip form the pool.
