On 02/25/2010 02:32 AM, Joseph wrote:
> I've configured OpenVPN and it works OK but I can not seems to figure it
> out how to assign static IP to clients
> 
> My server.conf port 8458
> proto udp
> dev tun
> mode server
> ca /usr/share/openvpn/easy-rsa/keys/ca.crt
> cert /usr/share/openvpn/easy-rsa/keys/server.crt
> key /usr/share/openvpn/easy-rsa/keys/server.key
> dh /usr/share/openvpn/easy-rsa/keys/dh1024.pem
> server 192.168.139.0 255.255.255.0
> client-to-client
> ifconfig-pool-persist ipp.txt
> client-config-dir ccd
> keepalive 10 120
> tls-auth vpn_my.key 0
> tun-mtu 1500
> tun-mtu-extra 32
> mssfix 1200
> duplicate-cn
> comp-lzo
> max-clients 100
> persist-key
> persist-tun
> status openvpn-status.log
> log        /var/log/openvpn.log
> log-append /var/log/openvpn.log
> verb 3
> 
> On client in /etc/openvpn/ccd directory I've created a file "syscon9" with:
> ifconfig-push 192.168.139.15 192.168.139.1

Hmmm... 192.168.139.1 does not seem a remote netmask, isn't it ?
man openvpn tell me the following for ifconfig-push:
--ifconfig-push local remote-netmask

so, put ifconfig-push 192.168.139.15 255.255.255.0 rather than the line
above in the ccd directory.

If it doesn't work, then please post the openvpn.log of the client.

> This file suppose to have a name from client "CN"
> 
> client.conf
> client
> dev tun
> proto udp
> remote 68.148.245.78 8458
> resolv-retry infinite
> nobind
> tun-mtu 1500
> tun-mtu-extra 32
> mssfix 1200
> persist-key
> persist-tun
> remote-cert-tls server
> ca "/etc/openvpn/client/ca.crt"
> cert "/etc/openvpn/client/syscon9.crt"
> key "/etc/openvpn/client/syscon9.key"
> tls-auth "/etc/openvpn/client/vpn.key" 1
> comp-lzo
> log        /var/log/openvpn.log
> log-append /var/log/openvpn.log
> verb 3

-- 
      Xavier Parizet
YaGB :   http://gentooist.com
GPG  :    C7DC B10E FC21 63BE
B453 D239 F6E6 DF65 1569 91BF