From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1NkYmp-0006Jc-3S for garchives@archives.gentoo.org; Thu, 25 Feb 2010 08:09:31 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id AF5CCE0E5B for ; Thu, 25 Feb 2010 08:09:30 +0000 (UTC) Received: from mx1.linuxant.fr (mx1.linuxant.fr [87.98.143.218]) by pigeon.gentoo.org (Postfix) with ESMTP id 74116E0AFB for ; Thu, 25 Feb 2010 07:42:26 +0000 (UTC) Received: from [192.168.1.101] (93-136-174-234.adsl.net.t-com.hr [93.136.174.234]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) (Authenticated sender: xavier) by mx1.linuxant.fr (Postfix) with ESMTPSA id 56D6B3937 for ; Thu, 25 Feb 2010 08:42:28 +0100 (CET) X-DKIM: Sendmail DKIM Filter v2.8.3 mx1.linuxant.fr 56D6B3937 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gentooist.com; s=DKIM; t=1267083748; bh=4WcO5TuRwQ/90VCtylKXeyl93I/ax61H3BJEov35MPQ=; l=2663; h=Message-ID:Date:From:Reply-To:MIME-Version:To:Subject:References: In-Reply-To:Content-Type; b=ZpMKyBmO8rUfjh3VpNYBQbc5yoG3v3gnHOJljt/OdcIFlTBpAqaSyEJeV0NegT0Bj Ts719TCJMdZQmJidVCt6GeXUAzB0yXApuMT8JZ654TnRdLlMytwTQJZXm9aLTokIiz HzVMNDAoLcyykS7L5Gw5SCfhME0L9btzoW4opFqU= X-DomainKeys: Sendmail DomainKeys Filter v1.0.2 mx1.linuxant.fr 56D6B3937 DomainKey-Signature: a=rsa-sha1; s=DomainKey; d=gentooist.com; c=nofws; q=dns; h=message-id:date:from:reply-to:user-agent:mime-version:to: subject:references:in-reply-to:x-enigmail-version:content-type; b=eAatQDy5+d5RipVh4bvf5M1pKQBQxpmztxQxqw9flA+FF6/TB/+JpoNZSTrr7dsXW XaCQy483c4lQFDT9n4F15lrPpB55SNZ0SfX5hGwJGnvtq767AGUqbyJQz0fq5ZXBwaQ TBVbH72ofYyXrKaJwDl/fh1LYlqK62cuObK4ZIQ= Message-ID: <4B86298B.50601@gentooist.com> Date: Thu, 25 Feb 2010 08:40:59 +0100 From: Xavier Parizet User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.1.7) Gecko/20100217 Lightning/1.0b2pre Thunderbird/3.0.1 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] openvpn static ip References: <20100225013240.GB5865@syscon4.inet> In-Reply-To: <20100225013240.GB5865@syscon4.inet> X-Enigmail-Version: 1.0.1 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="------------enig99AD5C1EADD21DFBF24731B3" X-Archives-Salt: be4abf69-def1-4896-99d1-2935894944ab X-Archives-Hash: 832e28a391aac30274808a41da389e31 This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig99AD5C1EADD21DFBF24731B3 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable On 02/25/2010 02:32 AM, Joseph wrote: > I've configured OpenVPN and it works OK but I can not seems to figure i= t > out how to assign static IP to clients >=20 > My server.conf port 8458 > proto udp > dev tun > mode server > ca /usr/share/openvpn/easy-rsa/keys/ca.crt > cert /usr/share/openvpn/easy-rsa/keys/server.crt > key /usr/share/openvpn/easy-rsa/keys/server.key > dh /usr/share/openvpn/easy-rsa/keys/dh1024.pem > server 192.168.139.0 255.255.255.0 > client-to-client > ifconfig-pool-persist ipp.txt > client-config-dir ccd > keepalive 10 120 > tls-auth vpn_my.key 0 > tun-mtu 1500 > tun-mtu-extra 32 > mssfix 1200 > duplicate-cn > comp-lzo > max-clients 100 > persist-key > persist-tun > status openvpn-status.log > log /var/log/openvpn.log > log-append /var/log/openvpn.log > verb 3 >=20 > On client in /etc/openvpn/ccd directory I've created a file "syscon9" w= ith: > ifconfig-push 192.168.139.15 192.168.139.1 Hmmm... 192.168.139.1 does not seem a remote netmask, isn't it ? man openvpn tell me the following for ifconfig-push: --ifconfig-push local remote-netmask so, put ifconfig-push 192.168.139.15 255.255.255.0 rather than the line above in the ccd directory. If it doesn't work, then please post the openvpn.log of the client. > This file suppose to have a name from client "CN" >=20 > client.conf > client > dev tun > proto udp > remote 68.148.245.78 8458 > resolv-retry infinite > nobind > tun-mtu 1500 > tun-mtu-extra 32 > mssfix 1200 > persist-key > persist-tun > remote-cert-tls server > ca "/etc/openvpn/client/ca.crt" > cert "/etc/openvpn/client/syscon9.crt" > key "/etc/openvpn/client/syscon9.key" > tls-auth "/etc/openvpn/client/vpn.key" 1 > comp-lzo > log /var/log/openvpn.log > log-append /var/log/openvpn.log > verb 3 --=20 Xavier Parizet YaGB : http://gentooist.com GPG : C7DC B10E FC21 63BE B453 D239 F6E6 DF65 1569 91BF --------------enig99AD5C1EADD21DFBF24731B3 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.14 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkuGKZEACgkQ9ubfZRVpkb/mdQCdH3HE0cdhWvevcDCCOXeb08oB XTEAnjgR3l0YB308LKS/YBba2d9F4RNO =RthB -----END PGP SIGNATURE----- --------------enig99AD5C1EADD21DFBF24731B3--