[OpenVPN home]	[Date Prev]	[Date Index]	[Date Next]
[OpenVPN mailing lists]	[Thread Prev]	[Thread Index]	[Thread Next]

[Openvpn-users] CCD Mess

Subject: [Openvpn-users] CCD Mess
From: Karol Makowski <karol.makowski@xxxxxxxxxx>
Date: Wed, 04 Jan 2006 12:52:27 +0100

Hi

I can't get ccd working for some clients. Strange, because they get other clients IPs or IPs that aren't configured for ovpn clients.

Mon Jan 2 20:12:17 2006 80.53.191.182:3173 VERIFY OK: depth=1, /C=PL/ST=DOLNOSLASKIE/L=WROCLAW/O=KOELNER_SA/emailAddress=ssl@xxxxxxxxxx Mon Jan 2 20:12:17 2006 80.53.191.182:3173 VERIFY OK: depth=0, /C=PL/ST=DOLNOSLASKIE/O=KOELNER_SA/CN=mbchyla/emailAddress=ssl@xxxxxxxxxx Mon Jan 2 20:12:17 2006 80.53.191.182:3173 [mbchyla] Peer Connection Initiated with 80.53.191.182:3173 Mon Jan 2 20:12:17 2006 mbchyla/80.53.191.182:3173 MULTI: Learn: 10.50.0.42 -> mbchyla/80.53.191.182:3173 Mon Jan 2 20:12:17 2006 mbchyla/80.53.191.182:3173 MULTI: primary virtual IP for mbchyla/80.53.191.182:3173: 10.50.0.42 Mon Jan 2 20:12:18 2006 mbchyla/80.53.191.182:3173 PUSH: Received control message: 'PUSH_REQUEST'

cat /etc/openvpn/ccd/mbchyla:
ifconfig-push 10.50.0.30 10.50.0.29

ls -l /etc/openvpn/ccd/mbchyla -rw-r--r-- 1 root root 38 Jan 2 11:47 /etc/openvpn/ccd/mbchyla (rights to directories are OK too, everyone can read /etc/openvpn and /etc/openvpn/ccd)

grep 10.50.0.42 /etc/openvpn/ccd/*
/etc/openvpn/ccd/zgrostec:ifconfig-push 10.50.0.42 10.50.0.41

So as you see user 'mbychyla' gets 'zgrostec' ip address and 'zgrostec' gets ip which isn't configured for openvpn:

Tue Jan  3 15:25:26 2006 217.99.192.166:1064 VERIFY OK: depth=1, /C=PL/ST=DOLNOSLASKIE/L=WROCLAW/O=KOELNER_SA/emailAddress=ssl@xxxxxxxxxx
Tue Jan  3 15:25:26 2006 217.99.192.166:1064 VERIFY OK: depth=0, /C=PL/ST=DOLNOSLASKIE/O=KOELNER_SA/CN=zgrostec/emailAddress=ssl@xxxxxxxxxx Tue Jan  3 15:25:27 2006 zgrostec/217.99.192.166:1064 MULTI: Learn: 10.50.0.46 -> zgrostec/217.99.192.166:1064
Tue Jan  3 15:25:27 2006 zgrostec/217.99.192.166:1064 MULTI: primary virtual IP for zgrostec/217.99.192.166:1064: 10.50.0.46
Tue Jan  3 15:25:28 2006 zgrostec/217.99.192.166:1064 PUSH: Received control message: 'PUSH_REQUEST'

I identify users by adding their login (which is a ccd name) as CommonName in cert. I use "build-key" to generate certs.

Funny thing that i always get same, good IP address.

# openvpn --version
OpenVPN 2.0.2 i486-pc-linux-gnu [SSL] [LZO] [EPOLL] built on Oct  9 2005

Any ideas? Clients are using windows port of Openvpn with GUI.

--
Karol Makowski
mailto: Karol.Makowski@xxxxxxxxxx
mobile: +48 661 94 00 57
office: +48 71 326 01 00 * 287


____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users

Warning: require_once(../../../archive_common.php) [function.require-once]: failed to open stream: No such file or directory in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2006-01/msg00056.html on line 212

Fatal error: require_once() [function.require]: Failed opening required '../../../archive_common.php' (include_path='/usr/local/lib/php') in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2006-01/msg00056.html on line 212