Bridge client gets gateway from DHCP despite server-bridge

[kohutique]

I'm trying to set up a bridged OpenVPN network in the following configuration:

Everything works just fine, the home client is able to access all office lan services.
The only trouble is that the home client keeps receiving network settings from the office router (which is also a dhcp server for the office lan) which obviously screws up its route tables and the home gateway is overriden by the route to the office gateway.

The client runs on Windows 7 Home premium
The OpenVPN server runs on Windows Server 2008 R2
The Office router is a TP-Link TR-W1043ND

I tried to suppress the office DHCP by adding a server-bridge directive to the server config but the client still keeps getting the IP & gateway from the office DHCP instead. Adding route-nopull to the client didn't help either as these settings are not pulled from the OpenVPN server.

Server config:

Code: Select all

local 192.168.226.2
port 1194
proto udp
dev tap
dev-node OpenVPN
ca ca.crt
cert server.crt
key server.key
dh dh1024.pem
tls-server
server-bridge 192.168.226.1 255.255.255.0 192.168.226.200 192.168.226.254
client-to-client
keepalive 10 120
comp-lzo
max-clients 10
persist-key
persist-tun
status openvpn-status.log
verb 6

Client config:

Code: Select all

proto udp
dev tap
tls-client
remote <office_router_public_ip> 1194
resolv-retry infinite
nobind
ca ca.crt
cert myclient.crt
key myclient.key
comp-lzo
verb 6

Office DHCP settings:

Code: Select all

Start IP Address:192.168.226.100
End IP Address: 192.168.226.199
Default Gateway: 192.168.226.1

Right after connecting the client to the openvpn, the client receives vpn IP from within the DHCP server's pool and not from the server-bridge range and client's route table changes from:

Code: Select all

Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.160    276

to:

Code: Select all

Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.160    276
          0.0.0.0          0.0.0.0    192.168.226.1  192.168.226.108     30

And that's the problem obviously because all connections to outside internet from the home client PC stop working and the traffic is routed to the office gateway instead.

Thank you very much for helping me, I've searched tons of resources but I must be making some stupid mistake somewhere...

[maikcat]

can you try using

server-bridge 192.168.226.2 255.255.255.0 192.168.226.200 192.168.226.254


Michael.

[kohutique]

thank you for your reply Michael.

However, that didn't help either. the client keeps getting its IP(and gateway) from the office router instead of the IP pool set by the server-bridge command. I even removed/added another TAP adapter in case the client was remembering some old DHCP settings but all I got was a different IP from the office router DHCP. Still not from the bridge's pool.

I can kind of fix the symptoms by deleting the naughty route list entry on the client PCs each time the OpenVPN connects but that's rather uncomfortable.

Not mentioning I want to get to the bottom of why server-bridge doesn't work the way it's supposed to...

UPDATE: I resolved to using a static IP for each client via ifconfig in client's config. The DHCPs are ignored altogether this way. I just need to keep track of which IPs I've already assigned to clients.

Thanks anyway!