Client works on Linux & Mac with Tunnelblick, fails on OpenVPN Connect iOS & macOS

  • sebashb
    Junior Member
    • Oct 2024
    • 2

    EDIT:
    I don't know why this post was moved to here, but I'm using the community edition, so I'm not sure if it was moved to the right place.

    Server:
    • Server is running OpenVPN 2.6.9 x86_64-pc-linux-gnu on an Ubuntu Server 24.04.1 LTS
    • Server uses FreeRADIUS 3.2.5 for authentication and to send the "Framed-IP-Address" attribute to each client
    • client-connect.sh is used to provide additional client configurations
    • The server is configured this way in order to provide client-to-client isolation
    Server.conf:
    Code:
    port 443
    proto tcp-server
    dev-type tun
    tun-mtu 1500
    topology p2p
    mode server
    tls-server
    ifconfig 100.64.0.1 100.64.0.2
    route 100.64.0.0 255.255.0.0
    push "route 100.64.0.0 255.255.0.0 vpn_gateway"
    ca ca.crt
    cert server.crt
    key server.key
    dh dh.pem
    tls-auth ta.key 0
    script-security 3
    verify-client-cert none
    username-as-common-name
    auth SHA256
    auth-nocache
    cipher AES-256-GCM
    plugin /usr/lib/openvpn/radiusplugin.so radiusplugin.cnf
    client-config-dir /etc/openvpn/server/ccd
    client-connect /etc/openvpn/server/client-connect.sh
    client-disconnect /etc/openvpn/server/client-disconnect.sh
    keepalive 10 120
    persist-key
    persist-tun
    verb 3
    client-connect.sh:
    Code:
    #!/bin/bash
    echo "ifconfig-push ${ifconfig_pool_remote_ip} ${route_vpn_gateway}" > "$1"
    echo "push \"route 100.64.0.0 255.255.0.0 ${route_vpn_gateway}\"" >> "$1"
    Client:
    Code:
    client
    remote server.ip.com
    proto tcp
    port 443
    dev-type tun
    tun-mtu 1500
    nobind
    auth SHA256
    auth-nocache
    resolv-retry infinite
    connect-retry 5 60
    user nobody
    group nogroup
    persist-key
    persist-tun
    auth-user-pass
    remote-cert-tls server
    cipher AES-256-GCM
    verb 3
    <ca>
    -----BEGIN CERTIFICATE-----
    -----END CERTIFICATE-----
    </ca>
    key-direction 1
    <tls-auth>
    -----BEGIN OpenVPN Static key V1-----
    -----END OpenVPN Static key V1-----
    </tls-auth>
    Problem:
    When I try to connect to my server with either the iOS OpenVPN Connect App (3.5.0) or the macOS OpenVPN Connect App (3.8.2), I get the following error message:
    tun_prop_error: ifconfig addresses are not in the same /30 subnet (topology net30)
    which is strange since I'm not using a net30 topology.
    If I use the exact same client configuration file on Tunnelblick (4.0.1) the client is able to connect without any issue or warning.
    Last edited by sebashb; 2024-10-27, 08:11 AM.
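
An added diagnostic sketch, not part of the original post or of OpenVPN: it re-creates the same-/30 test named in the error message and applies it to the `ifconfig-push` pair that client-connect.sh writes. It assumes a client falls back to net30 when no `push "topology ..."` line reaches it; the config excerpts and the client address are constructed samples.

```python
import ipaddress
import re

# Constructed excerpt of the server config shown in the post.
SERVER_CONF = '''topology p2p
ifconfig 100.64.0.1 100.64.0.2
push "route 100.64.0.0 255.255.0.0 vpn_gateway"
'''
# Constructed sample of what client-connect.sh could write for one client;
# the client address is a made-up value inside 100.64.0.0/16.
DYNAMIC_CONF = '''ifconfig-push 100.64.3.17 100.64.0.1
push "route 100.64.0.0 255.255.0.0 100.64.0.1"
'''

def same_slash30(local, remote):
    """True when both addresses fall inside the same /30 block."""
    block = ipaddress.ip_network(f"{local}/30", strict=False)
    return ipaddress.ip_address(remote) in block

def pushed_topology(*configs):
    """Return the topology a client is told about via push, or None."""
    for text in configs:
        m = re.search(r'^\s*push\s+"topology\s+(\w+)"', text, re.M)
        if m:
            return m.group(1)
    return None

def check(server_conf, dynamic_conf, client_default="net30"):
    """List problems a client using client_default (an assumption) would hit."""
    m = re.search(r'^\s*ifconfig-push\s+(\S+)\s+(\S+)', dynamic_conf, re.M)
    if not m:
        return ["no ifconfig-push line in the per-client config"]
    local, remote = m.groups()
    topology = pushed_topology(server_conf, dynamic_conf) or client_default
    findings = []
    if topology == "net30" and not same_slash30(local, remote):
        findings.append(
            f"{local} and {remote} are not in the same /30 and the client "
            f"sees topology {topology}")
    return findings

if __name__ == "__main__":
    print("pushed topology:", pushed_topology(SERVER_CONF, DYNAMIC_CONF))
    for finding in check(SERVER_CONF, DYNAMIC_CONF):
        print("FAIL:", finding)
```

The server's own `topology p2p` line is deliberately not counted by `pushed_topology`, because only `push` lines are sent to the client.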