Score:0

Server

OpenVPN clients still getting assigned same ip with duplicate-cn in server config

bob mcgrath

1/26/23, 11:37 PM

Clients are still getting assigned same ip as each other even with duplicate-cn in server the config. I can't figure out what I'm doing wrong. I've restarted all the machines involved after changing the config. Here is my server.conf.

port 1194
proto tcp6
dev tun
user nobody
group nogroup
persist-key
persist-tun
keepalive 10 120
topology subnet
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 1.1.1.1"
push "redirect-gateway def1 bypass-dhcp"
server-ipv6 fd42:42:42:42::/112
tun-ipv6
push tun-ipv6
push "route-ipv6 2000::/3"
push "redirect-gateway ipv6"
dh none
ecdh-curve prime256v1
tls-crypt tls-crypt.key
crl-verify crl.pem
ca ca.crt
cert server_PxV2VymBrucFUPiE.crt
key server_PxV2VymBrucFUPiE.key
auth SHA256
cipher AES-128-GCM
ncp-ciphers AES-128-GCM
tls-server
tls-version-min 1.2
tls-cipher TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
client-config-dir /etc/openvpn/ccd
status /var/log/openvpn/status.log
duplicate-cn
client-to-client
verb 3

193

0 + 0

linux

openvpn

Michael Hampton

1/27/23, 12:37 AM

You didn't check the logs. Look at the log entries.

bob mcgrath

1/27/23, 1:09 AM

@MichaelHampton /var/log/openvpn/status.log is empty. is there somewhere else to look?

Michael Hampton

1/27/23, 1:20 AM

You didn't configure a log location, so they will be sent to syslog.

bob mcgrath

1/27/23, 1:22 AM

Thanks @MichaelHampton. There's nothing particularly interesting there. It just says this over and over. ```Sep 27 01:05:48 localhost systemd[1]: Started OpenVPN connection to server. Sep 27 01:05:53 localhost systemd[1]: Stopped OpenVPN connection to server. Sep 27 01:05:53 localhost systemd[1]: Starting OpenVPN connection to server... Sep 27 01:05:53 localhost ovpn-server[19070]: OpenVPN 2.4.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Jul 19 2021 ```

bob mcgrath

1/27/23, 1:23 AM

It does think it's tomorrow for some reason. not sure if that matters.

Michael Hampton

1/27/23, 1:24 AM

You need to go back to the time that the actual problem was happening.

bob mcgrath

1/27/23, 1:25 AM

@MichaelHampton When I try to log in to two clients at the same time they both keep trying to reconnect after an initial successful connection. Otherwise I have not logged in nearly as many times as it's logges, so I think I'm looking at the right time.

bob mcgrath

1/27/23, 1:34 AM

same results with ver set to 11

bob mcgrath

1/27/23, 1:54 AM

@MichaelHampton I moved the config file and restarted via systemd and everything is working the same.. maybe I'm not using the config that I think I am, but I'm not sure how to check.

bob mcgrath

1/27/23, 2:04 AM

could it have something to do with ipp.txt?

Michael Hampton

1/27/23, 2:44 AM

Yes, that would be it. You chose to have each user's IP address persist between logins, but then you made everyone the same user.

bob mcgrath

1/27/23, 2:50 AM

@MichaelHampton commenting it out does not fix the problem

bob mcgrath

1/27/23, 3:03 AM

@MichaelHampton I did manage to get some more out of syslog. https://dpaste.org/OhYU

bob mcgrath

1/27/23, 6:08 AM

@MichaelHampton I'm not sure what the root problem is, but I burned everything to the ground and started over and now it works. thanks for your help

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: OpenVPN clients still getting assigned same ip with duplicate-cn in server config

TH: ไคลเอนต์ OpenVPN ยังคงได้รับ ip เดียวกันกับ duplicate-cn ในการกำหนดค่าเซิร์ฟเวอร์

RO: Clienții OpenVPN încă primesc același ip cu duplicate-cn în configurarea serverului

RU: Клиентам OpenVPN по-прежнему назначается тот же IP-адрес с дубликатом-cn в конфигурации сервера

VI: Các máy khách OpenVPN vẫn được gán cùng một ip với trùng lặp-cn trong cấu hình máy chủ

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.