Score:1

Openvpn client mismatch subnet from OpenVPN server

in flag

I set up an OpenVPN server-client with VPN IP: 10.99.0.0/20, but the client has the subnet of /24

Server:

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
2: thcclnohiyi2frl: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UNKNOWN group default qlen 100
    link/ether 46:ee:65:f4:78:a7 brd ff:ff:ff:ff:ff:ff
    inet 10.99.0.1/20 brd 10.99.15.255 scope global thcclnohiyi2frl
       valid_lft forever preferred_lft forever
310: eth0@if311: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default 
    link/ether 02:42:ac:12:00:16 brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 172.18.0.22/16 brd 172.18.255.255 scope global eth0
       valid_lft forever preferred_lft forever

Client:

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
3: eth0@if1384: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UP group default 
    link/ether 8e:ec:e1:90:78:d3 brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 10.244.2.239/24 brd 10.244.2.255 scope global eth0
       valid_lft forever preferred_lft forever
4: kengine: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UNKNOWN group default qlen 100
    link/ether 0a:36:9d:4a:67:cb brd ff:ff:ff:ff:ff:ff
    inet 10.99.0.2/24 brd 10.99.0.255 scope global kengine
       valid_lft forever preferred_lft forever

Server config:

port 10021
proto tcp-server
reneg-sec 0
explicit-exit-notify 0
dev-type tap
dev thcclnohiyi2frl
ca ca.crt
cert bke-vpn.crt
key bke-vpn.key                                                                                                                                       
dh dh.pem                                                                
key-direction 0                                                                                                                                       
<tls-auth>                                                                                          
</tls-auth>                                   
server 10.99.0.0/20 255.255.240.0 
route-up scripts/thcclnohiyi2frl-fw-up.sh                                                                                      
down scripts/thcclnohiyi2frl-fw-down.sh   
script-security 3           
client-config-dir ccd/thcclnohiyi2frl          
client-to-client            
keepalive 20 60                                
comp-lzo  
persist-key     
persist-tun
status /var/log/openvpn/thcclnohiyi2frl/openvpn-status.log
log-append /var/log/openvpn/thcclnohiyi2frl/openvpn.log
verb 3             
mute 20  

Client config

client
dev kengine
dev-type tap
reneg-sec 0
proto tcp-client
remote xxx.xx.xx.xxx 10021
resolv-retry infinite
nobind
<ca>
<key>
<cert>
remote-cert-tls server
key-direction 1
script-security 3
keepalive 10 60
persist-key
persist-tun
comp-lzo
verb 3
pull-filter ignore "route-gateway"

So can anyone help me know why and how to fix the problems ?

Score:0
ng flag

It looks like you have an error in your server config file.

server 10.99.0.0/20 255.255.240.0

Should be:

server 10.99.0.0 255.255.240.0

leminhquan avatar
in flag
I change the config and seem it not the problems
Appleoddity avatar
ng flag
@leminhquan Did you restart the openvpn daemon and re-establish the VPN connection?
leminhquan avatar
in flag
sure, I already restart openvpn after every change on both client and server
mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.