[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Web openvpn.net

Re: [Openvpn-users] OpenVpn 2.0 RC2

  • Subject: Re: [Openvpn-users] OpenVpn 2.0 RC2
  • From: Jason Hildebrand <jason@xxxxxxxxxxxxx>
  • Date: Mon, 20 Dec 2004 16:40:50 -0600

On Mon, 2004-12-20 at 17:01 -0500, Keith Beidelman wrote:
> 1) There should be a difference between the subnet specified in the
> server statement, and the dynamic IP allocation range.  I wanted to setup a
> list of clients which should get static IP addresses, and let the server
> allocate one dynamically to anyone not on the list.  Both the static and
> dynamic IP's must be in the TAP subnet.  The server sees to want to allocate
> IP's over the entire range mentioned in the SERVER subnet, and I need a way
> to disallow a small range to be used for static IP's.  I thought the
> IFCONFIG-POOL keyword would do this, but I got a message that said it was
> not allowed with SERVER.  It appears that the server always allocates IP's
> from low numbers to high numbers, so for now, I put my static IP's at the
> high end (just before the broadcast address).  I also set a maximum clients
> to less that the number of IP's available before a collision.

I have similar requirements, namely static IPs in the tun subnet for
office-to-office connections, and dynamic IPs for dialup/mobile users.

I solved this by leaving some space for the office IPs at the beginning of 
my pool.  Then I use the client-config-dir and create config files for the
office-to-office connections.  In those files, I use the 'push-restart'
directive to override the dynamic IP, and use 'ifconfig-push' to send the static
IP to the remote office.  So far, I haven't needed to use any client-connect


Openvpn-users mailing list