[ previous ] [ next ] [ threads ]
 
 From:  "Peter Curran" <lists at closeconsultants dot com>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Fw: [m0n0wall] OpenVPN Issues...
 Date:  Tue, 2 Nov 2004 14:00:55 -0500
----- Original Message -----
From: "Peter Curran" <peter at closeconsultants dot com>
To: "Jan Walzer" <j dot walzer at itcampus dot de>
Cc: <m0n0wall at lists dot m0n0 dot ch>
Sent: Tuesday, November 02, 2004 12:39 PM
Subject: Re: [m0n0wall] OpenVPN Issues...


> Jan
>
> > I solved the problem, of an ever-dying ovpn process.
> > The Problem was the following:
> > As I want to use tap-Interface, I gave the IP 192.168.249.254/23
> > in the OPVN-Interface. ovpn didn't like this... I gave it 192.168.248.0
> >
> When you provide an IP block/prefix for OVPN to use it is important to
> realise that you are providing a block of addresses, not AN address.  The
> server will figure out which address it is using from the block.  For tap
it
> will use the first address in the block.
>
> It is barfing because you are breaking the rules by trying to prescribe
the
> address for the server to use.
>
>
> > But how do I give the IP now for this Interface on the serverside?
>
> You don't need to.  If you give, say, 1921.68.1.0/24 then the server will
> use 192.168.1.1.
>
> > The tap-Interface doesn't show up on the devicelist in the menu.
> >
> It should do so - have you done a reboot?  For a tap-based server the
> information in the interfaces list is correct and the code should create
an
> OPT interface called 'OVPN Server'.  If this is not the case then please
> send me your sanitised config.xml and status.php output so that I can fix
> this bug.
>
>
> > (I just tried, a quick hack, by deducing the index-Value of
> > interfaces_opt.php page, and was able to set it... I'll see,
> > it that survives an reboot. But one of this should be a bug)
> >
> > (Update: The settings survive the reboot, but the TAP is brought
> > up abter an reboot with the 1st IP from the subnet )-:
> >
> That's what should happen.
>
> Can you please tell me if the GUI asked you to reboot after you created
the
> tunnel?  It should have done (as any changes to the list of optional
> interfaces needs a reboot).
>
> Thanks for your persistence.
>
> Peter
>
>


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.