OpenVPN server does not assign IP-addresses.

Discussion in 'Technical' started by NovaDecker, Jul 24, 2013.

  1. NovaDecker

    NovaDecker New Member

    Hi!
    I have a VPS with these public IP-addresses:
    xx.xx.xx.192 (This IP-address is assigned to eth0)
    xx.xx.xx.193
    xx.xx.xx.194
    xx.xx.xx.195
    xx.xx.xx.196
    xx.xx.xx.197
    xx.xx.xx.198
    xx.xx.xx.200
    xx.xx.xx.201
    xx.xx.xx.202

    eth0 is configured with static IP. Gateway is xx.xx.xx.254, netmask is 255.255.255.0
    ipv4_forward is 1.
    I have no iptables rules yet. This server is not standing behind a NAT-restricted network.
    (I don't need to open ports for services anywhere, just set up the service and connect to the server via the port.)

    I want to make the OpenVPN server assign all the public IPs to the clients, except .192, of course.

    But when I connect to the OpenVPN server, I do not get an IP-address. Windows just sets the IP-address to the 169.xx.xx.xx address (local only).

    I tried to give the TAP-adapter a static IP-address, xx.xx.xx.194 with xx.xx.xx.192 as gateway, and 255.255.255.0 as netmask.
    Now I can't connect to anything with this IP. My computer tries to reach the destination with the TAP-adapter first, then it gives up and uses my default network connection instead (WLAN).

    This is the config of the OpenVPN server; am I missing something?
    Code:
    mode server
    dev tap
    port 1197
    proto udp
    local xx.xx.xx.192
    
    tls-server
    dh /etc/openvpn/ssl/dh1024.pem
    cert /etc/openvpn/ssl/server.crt
    key /etc/openvpn/ssl/server.key
    ca /etc/openvpn/ssl/ca.crt
    reneg-sec 216000
    
    ifconfig xx.xx.xx.193 255.255.255.0
    push "route xx.xx.xx.194 255.255.255.0 net_gateway"
    push "route-gateway xx.xx.xx.192"
    push "redirect-gateway def1"
    
    push "dhcp-option DNS 195.159.0.100"
    push "dhcp-option DNS 195.159.0.200"
    
    keepalive 5 60
    comp-lzo
    user nobody
    group nogroup
    persist-key
    persist-tun
    
    log /var/log/openvpn/main204.log
    
    verb 1
    mute 10
    username-as-common-name
    
    tun-mtu 1500
    tun-mtu-extra 32
    max-clients 30
    
    auth-user-pass-verify "/etc/openvpn/script/login.sh" via-env
    
    script-security 3
    tmp-dir "/tmp"
    
    tcp-queue-limit 128
    txqueuelen 200
    tcp-nodelay
    inactive 600
    client-connect /etc/openvpn/script/connect.sh
    client-disconnect /etc/openvpn/script/disconnect.sh
    
    #engine aesni
    cipher aes-128-cbc
    
    I'm using MySQL authentication, so this is the login.sh script:
    Code:
    #!/bin/bash
    . /etc/openvpn/script/config.sh
    ##Authentication
    user_id=$(mysql -h$HOST -P$PORT -u$USER -p$PASS $DB -sN -e "select user_id from ovpnuser where user_id = '$username' AND user_pass = '$password' AND user_enable=1 AND user_start_date != user_end_d$
    ##Check user
    [ "$user_id" != '' ] && [ "$user_id" = "$username" ] && echo "user : $username" && echo 'authentication ok.' && exit 0 || echo 'authentication failed.'; exit 1
    
    This is connect.sh script:
    Code:
    #!/bin/bash
    . /etc/openvpn/script/config.sh
    ##insert data connection to table log
    mysql -h$HOST -P$PORT -u$USER -p$PASS $DB -e "INSERT INTO ovpnlog (log_id,user_id,log_trusted_ip,log_trusted_port,log_remote_ip,log_remote_port,log_start_time,log_end_time,log_received,log_send) V$
    ##set status online to user connected
    mysql -h$HOST -P$PORT -u$USER -p$PASS $DB -e "UPDATE ovpnuser SET user_online=1 WHERE user_id='$common_name'"
    
    Help, please?
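
Added example, not part of the original post or the poster's scripts: login.sh above places `$username` and `$password`, which the connecting client supplies, directly inside the SQL string. This variant validates the name and passes both values as MySQL hex literals, covering only the query conditions visible in the post. The helper names and the my.cnf path are assumptions.

```shell
#!/bin/bash
# Added example: hardened variant of the auth-user-pass-verify check.
# Table and column names (ovpnuser, user_id, user_pass, user_enable) are from
# the post; function names and the my.cnf path are hypothetical.
LC_ALL=C; export LC_ALL

# Accept only 1-32 characters from letters, digits, dot, underscore, hyphen.
valid_username() {
    case "$1" in
        ''|*[!A-Za-z0-9._-]*) return 1 ;;
    esac
    [ "${#1}" -le 32 ]
}

# Encode arbitrary bytes as a MySQL hex literal X'..'. The result holds only
# hex digits, so quotes or backslashes in the input cannot end the literal.
hex_literal() {
    hex=$(printf '%s' "$1" | od -An -v -tx1 | tr -d ' \n')
    printf "X'%s'" "$hex"
}

# Build the lookup. Both client-supplied values reach MySQL as hex literals,
# which MySQL compares as binary strings (byte-exact, case-sensitive).
build_auth_query() {
    valid_username "$1" || return 1
    printf 'SELECT user_id FROM ovpnuser WHERE user_id = %s AND user_pass = %s AND user_enable = 1' \
        "$(hex_literal "$1")" "$(hex_literal "$2")"
}

# Succeed only when the database returns exactly the requested user.
# $username and $password are set by OpenVPN (via-env); $DB comes from the
# post's config.sh. Host, user and password are read from a root-only option
# file (assumed path) so they do not appear in the process list.
authenticate() {
    query=$(build_auth_query "$username" "$password") || return 1
    user_id=$(mysql --defaults-extra-file=/etc/openvpn/script/my.cnf \
        -sN -e "$query" "$DB") || return 1
    [ -n "$user_id" ] && [ "$user_id" = "$username" ]
}

# In the hook itself the script would end with:
#   authenticate && exit 0
#   exit 1
```

The same encoding applies to `$common_name` in connect.sh, which is interpolated into the UPDATE statement the same way.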
     
  2. Denny

    Denny New Member


    Hey,

    you forgot to define the VPN subnet. Define something like this in your server.conf:
    Code:
    server 192.168.100.0 255.255.255.0
    This will assign 192.168.100.1 to the OpenVPN server and all other IPs (192.168.100.2-192.168.100.255) to clients who connect to the server.



    Try this out, and if this doesn't help, provide us some more information, like errors in /var/log/openvpn/main204.log
     
    Last edited: Jul 24, 2013
  3. ioFlare

    ioFlare New Member

    TUN is a bit easier to set up with regard to networking; you might want to try that if Denny's suggestion does not work for you.

    Another way that greatly simplifies things is to use Webmin + the OpenVPN module. I have written a good guide with video on this and it takes less than 15 minutes to set up.

    Install Webmin And OpenVPN On Your Ubuntu Cloud Server
     
    Last edited: Oct 5, 2013
  4. haiduongfun

    haiduongfun New Member

    Thank you, it is very useful for me.
     