Hi! I have a VPS with these public IP addresses:

xx.xx.xx.192 (this IP address is assigned to eth0)
xx.xx.xx.193
xx.xx.xx.194
xx.xx.xx.195
xx.xx.xx.196
xx.xx.xx.197
xx.xx.xx.198
xx.xx.xx.200
xx.xx.xx.201
xx.xx.xx.202

eth0 is configured with a static IP. The gateway is xx.xx.xx.254, the netmask is 255.255.255.0, and ipv4_forward is 1. I have no iptables rules yet. This server is not behind a NAT-restricted network. (I don't need to open ports for services anywhere, just set up the service and connect to the server via the port.)

I want the OpenVPN server to assign all the public IPs to the clients, except .192, of course. But when I connect to the OpenVPN server, I do not get an IP address. Windows just sets the IP address to the 169.xx.xx.xx address (local only).

I tried giving the TAP adapter a static IP address, xx.xx.xx.194, with xx.xx.xx.192 as gateway and 255.255.255.0 as netmask. Now I can't connect to anything with this IP. My computer tries to reach the destination with the TAP adapter first, then it gives up and uses my default network connection instead (WLAN).

This is the config of the OpenVPN server. Am I missing something?
Code:

    mode server
    dev tap
    port 1197
    proto udp
    local xx.xx.xx.192
    tls-server
    dh /etc/openvpn/ssl/dh1024.pem
    cert /etc/openvpn/ssl/server.crt
    key /etc/openvpn/ssl/server.key
    ca /etc/openvpn/ssl/ca.crt
    reneg-sec 216000
    ifconfig xx.xx.xx.193 255.255.255.0
    push "route xx.xx.xx.194 255.255.255.0 net_gateway"
    push "route-gateway xx.xx.xx.192"
    push "redirect-gateway def1"
    push "dhcp-option DNS 195.159.0.100"
    push "dhcp-option DNS 195.159.0.200"
    keepalive 5 60
    comp-lzo
    user nobody
    group nogroup
    persist-key
    persist-tun
    log /var/log/openvpn/main204.log
    verb 1
    mute 10
    username-as-common-name
    tun-mtu 1500
    tun-mtu-extra 32
    max-clients 30
    auth-user-pass-verify "/etc/openvpn/script/login.sh" via-env
    script-security 3
    tmp-dir "/tmp"
    tcp-queue-limit 128
    txqueuelen 200
    tcp-nodelay
    inactive 600
    client-connect /etc/openvpn/script/connect.sh
    client-disconnect /etc/openvpn/script/disconnect.sh
    #engine aesni
    cipher aes-128-cbc

I'm using MySQL authentication, so this is the login.sh script:

Code:

    #!/bin/bash
    . /etc/openvpn/script/config.sh
    ##Authentication
    user_id=$(mysql -h$HOST -P$PORT -u$USER -p$PASS $DB -sN -e "select user_id from ovpnuser where user_id = '$username' AND user_pass = '$password' AND user_enable=1 AND user_start_date != user_end_d$
    ##Check user
    [ "$user_id" != '' ] && [ "$user_id" = "$username" ] && echo "user : $username" && echo 'authentication ok.' && exit 0 || echo 'authentication failed.'; exit 1

This is the connect.sh script:

Code:

    #!/bin/bash
    . /etc/openvpn/script/config.sh
    ##insert data connection to table log
    mysql -h$HOST -P$PORT -u$USER -p$PASS $DB -e "INSERT INTO ovpnlog (log_id,user_id,log_trusted_ip,log_trusted_port,log_remote_ip,log_remote_port,log_start_time,log_end_time,log_received,log_send) V$
    ##set status online to user connected
    mysql -h$HOST -P$PORT -u$USER -p$PASS $DB -e "UPDATE ovpnuser SET user_online=1 WHERE user_id='$common_name'"

Help, please?
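Added example, not part of the original post: login.sh above places $username and $password directly inside the quoted SQL text, so a quote character sent by a client changes the query. One way to build the lookup instead is to check the username against an allowlist and send both values as hex literals. The helper names and the username policy are assumptions, and the date conditions cut off in the post are left out.

```bash
#!/bin/bash
# Added example (not the poster's script). Helper names and the username
# policy are assumptions; table and column names are the ones in the post.

# Accept only 1-32 characters from [A-Za-z0-9._-] (assumed policy).
valid_username() {
    case "$1" in
        ''|*[!A-Za-z0-9._-]*) return 1 ;;
    esac
    [ "${#1}" -le 32 ]
}

# Hex-encode the bytes of $1 so they can be sent as a MySQL x'...' literal.
# A hex string contains no quote or backslash, so it cannot end the literal.
to_hex() {
    printf '%s' "$1" | od -An -v -tx1 | tr -d ' \n'
}

# Print the lookup query for user $1 and password $2.
# Returns 1 without printing anything if either value is rejected.
build_auth_query() {
    valid_username "$1" || return 1
    [ -n "$2" ] || return 1
    printf "SELECT user_id FROM ovpnuser WHERE user_id = x'%s' AND user_pass = x'%s' AND user_enable = 1" \
        "$(to_hex "$1")" "$(to_hex "$2")"
}

# Constructed sample input: a password that contains both quote characters.
# In login.sh the result would be passed to the same mysql call as -e "$query".
query=$(build_auth_query "alice" "o'brien\"1") && printf '%s\n' "$query"
```

Comparing a column against an x'...' literal is byte-wise, so the match is case-sensitive.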
Hey, you forgot to define the VPN subnet. Define in your server.conf something like

Code:

    server 192.168.100.0 255.255.255.0

This will assign 192.168.100.1 to the OpenVPN server and all other IPs (192.168.100.2-192.168.100.255) to clients who connect to the server.

Try this out, and if this doesn't help, provide us some more information, like errors in /var/log/openvpn/main204.log
TUN is a bit easier to set up in regards to networking; you might want to try that if Denny's suggestion does not work for you.

Another way that greatly simplifies things is to use Webmin + the OpenVPN module. I have written a good guide with video on this, and it takes less than 15 minutes to set up.

Install Webmin And OpenVPN On Your Ubuntu Cloud Server