|
|
Hi, First of all, I would like to say this is definitely a great product! I had something up and running within half an hour or so, between a Linux server and a Windows XP client. Of course, it's the tweaking that takes most of the time :-) I am running OpenVPN 2.0_beta2 on both the Linux server and the windows client(s). Furthermore, I have configured the server in multi-client mode, with TLS authentication/encryption. I want to set up a bridging configuration where a windows client (roadwarrior) logs on the VPN and gets an IP adres from the DHCP server in the Office LAN. This is working, sort of. The Win32-TAP driver gets it's IP address from the Office DHCP server perfectly. But it's not a very elegant solution because the OpenVPN Windows client will always startup with the following warnings: Tue Jun 01 18:37:19 2004 ******** NOTE: Please manually set the IP/netmask of 'VPN Tunnel' to 0.0.0.0/255.255.255.0 (if it is not already set) Tue Jun 01 18:37:20 2004 WARNING: Actual Remote Options ('V3,dev-type tap,link-mtu 1574,tun-mtu 1532,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server') are inconsistent with Expected Remote Options ('V3,dev-type tap,link-mtu 1574,tun-mtu 1532,proto UDPv4,ifconfig ,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server') Of course, it works, but I would like to have a clean configuration where I only get the warnings/errors that really matter. I tried serveral combinations of setting ifconfig, ifconfig-pool, etc. on the server-side and on the client-side. At the client-side I also tried to play with the ip-win32 options. My config files: Server: ------- port 5000 dev tap0 mode server client-to-client tun-mtu 1500 # TLS parameters tls-server ca keys/ca.crt cert keys/inter.crt key inter.key dh dh1024.pem user nobody group nobody comp-lzo ping 10 ping-exit 180 inactive 3600 ping-timer-rem persist-tun persist-key verb 1
remote office_openvpn_server tun-mtu 1500 mssfix 1000 ifconfig 0.0.0.0 255.255.255.0 ifconfig-noexec ifconfig-nowarn ip-win32 dynamic # TLS parms tls-client ca keys/ca.crt cert keys/client.crt key keys/client.key ping 10 ping-restart 90 comp-lzo verb 3 mute 5 Is there a way to totally disable the ifconfig/ip-address assignment mechanisms of openvpn and to only let the TAP adapter request an ip address on the regular office DHCP server? With kind regards, Eymert Versteegt begin:vcard fn:Eymert Versteegt n:Versteegt;Eymert adr:;;;;;;Netherlands, the email;internet:eymert@xxxxxxxxxxxxx note;quoted-printable:ICQ: 7243180=0D=0A= MSN: eymert@xxxxxxxxxxxxx x-mozilla-html:FALSE version:2.1 end:vcard Warning: require_once(../../../archive_common.php) [function.require-once]: failed to open stream: No such file or directory in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2004-06/msg00042.html on line 265 Fatal error: require_once() [function.require]: Failed opening required '../../../archive_common.php' (include_path='/usr/local/lib/php') in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2004-06/msg00042.html on line 265 |