Gavin Hamill wrote:
After having used OpenVPN on Linux successfully for 2 years, I'm setting
up a new server on Windows (not my choice...) and whilst I can get it
running, only a single client can connect at any one time. Multiple
clients fight each other for control of the same client IP.
The server package is 2.0.9 (with 1.0.3 GUI) from www.openvpn.se
server 10.6.50.0 255.255.255.0
push "route 10.6.0.0 255.255.0.0"
push "dhcp-option WINS 10.6.1.245"
push "dhcp-option DNS 10.6.1.245"
push "dhcp-option DOMAIN ourdomain.com"
keepalive 10 12
This config looks fine. The server will listen for connections and
allow up to 6 clients to connect giving them an IP on the 10.6.50.0/24
I have created five additional TAP-Win32 adapters to match the
max-clients 6 statement.
You only need 1 device per VPN. The fact that you may connect up to 6
clients doesn't matter - you could connect thousands of clients and
would still only need a single TAP/TUN device on the server.
2.0.9 is also in use on the client, an example of whose config is here.
remote XX.XX.XX.XX 1194
This config also looks fine based on your server config above.
The server only assigns an IP address to the "OpenVPN 1" adapter of
10.6.50.1 netmask 255.255.255.252- even though the client gets an IP of
10.6.50.6, with the server pingable at 10.6.50.5.
Yes, this is normal. In tun mode a server allocates /30 subnets to
connecting clients for compatibility with Windows clients. Each client
will have access to the 10.6.50.0/24 network with a custom route that is
pushed with the `server` directive on your VPN server. You've also
pushed a 10.6.0.0/16 super-route, so clients will also have a route to
reach those networks by routing through the VPN server.
Insure your clients have the TAP adapter set to DHCP in the TCP/IP
properties because the server will not hand out an IP to another client
if it has already been assigned to a different VPN client. If you're
still not sure what the cause of the problem is check both the server
and client logs which will show what address is being handed out by the
server and applied by the client.
Description: OpenPGP digital signature