OpenVPN server does not assign IP-addresses.

Discussion in 'Technical' started by NovaDecker, Jul 24, 2013.

  1. NovaDecker

    NovaDecker New Member

    I have a VPS with these public IP-addresses:
    xx.xx.xx.192 (This IP-address is assigned to eth0)

    eth0 is configured with static IP. Gateway is xx.xx.xx.254, netmask is
    ipv4_forward is 1.
    I have no iptables rules yet. This server is not standing behind a NAT-restricted network.
    (I don't need to open ports for services anywhere, just set up the service and connect to the server via the port.)

    I want to make that the OpenVPN server assigns all the public IPs to the clients, except .192, of course.

    But when I connect to the OpenVPN server, I does not get a IP-address. Windows just set IP-address to the 169.xx.xx.xx address (local only)

    I tried to make the TAP-adapter to have a static IP-address, xx.xx.xx.194 with xx.xx.xx.192 as gateway, and as netmask.
    Now I can't connect something with this IP. My computer tries to reach the destination with the TAP-adapter first, then it gives up and use my default network connection instead. (WLAN)

    This is the config of OpenVPN server, do I miss something?
    mode server
    dev tap
    port 1197
    proto udp
    local xx.xx.xx.192
    dh /etc/openvpn/ssl/dh1024.pem
    cert /etc/openvpn/ssl/server.crt
    key /etc/openvpn/ssl/server.key
    ca /etc/openvpn/ssl/ca.crt
    reneg-sec 216000
    ifconfig xx.xx.xx.193
    push "route xx.xx.xx.194 net_gateway"
    push "route-gateway xx.xx.xx.192"
    push "redirect-gateway def1"
    push "dhcp-option DNS"
    push "dhcp-option DNS"
    keepalive 5 60
    user nobody
    group nogroup
    log /var/log/openvpn/main204.log
    verb 1
    mute 10
    tun-mtu 1500
    tun-mtu-extra 32
    max-clients 30
    auth-user-pass-verify "/etc/openvpn/script/" via-env
    script-security 3
    tmp-dir "/tmp"
    tcp-queue-limit 128
    txqueuelen 200
    inactive 600
    client-connect /etc/openvpn/script/
    client-disconnect /etc/openvpn/script/
    #engine aesni
    cipher aes-128-cbc
    I'm using MySQL authentication, so this is the script:
    . /etc/openvpn/script/
    user_id=$(mysql -h$HOST -P$PORT -u$USER -p$PASS $DB -sN -e "select user_id from ovpnuser where user_id = '$username' AND user_pass = '$password' AND user_enable=1 AND user_start_date != user_end_d$
    ##Check user
    [ "$user_id" != '' ] && [ "$user_id" = "$username" ] && echo "user : $username" && echo 'authentication ok.' && exit 0 || echo 'authentication failed.'; exit 1
    This is script:
    . /etc/openvpn/script/
    ##insert data connection to table log
    mysql -h$HOST -P$PORT -u$USER -p$PASS $DB -e "INSERT INTO ovpnlog (log_id,user_id,log_trusted_ip,log_trusted_port,log_remote_ip,log_remote_port,log_start_time,log_end_time,log_received,log_send) V$
    ##set status online to user connected
    mysql -h$HOST -P$PORT -u$USER -p$PASS $DB -e "UPDATE ovpnuser SET user_online=1 WHERE user_id='$common_name'"
    Help, please?
  2. Denny

    Denny New Member


    you forget to define the VPN Subnet. Define in your server.conf something like
    This will assign to the openvpn server and all other IPs ( to clients who connected to the server.

    Try this out and if this doesn't help provide us some more information like errors in /var/log/openvpn/main204.log
    Last edited: Jul 24, 2013
  3. ioFlare

    ioFlare New Member

    TUN is a bit easier to setup in regards to networking you might want to try that if Dennys suggestion does not work for you.

    Another way that greatly simplifies things is to use Webmin + the openvpn module. I have written a good guide with video on this and it takes less than 15 minutes to setup.

    Install Webmin And OpenVPN On Your Ubuntu Cloud Server
    Last edited: Oct 5, 2013
  4. haiduongfun

    haiduongfun New Member

    Thank you it is very useful for me

Share This Page