On 06/04/17 16:59, Jan Just Keijser wrote: > On 06/04/17 15:28, Kapetanakis Giannis wrote: >> >> >> Without wanting to hijack this thread, > well, you are... hence I've changed the subject >> If someone uses the default net30 and wants to migrate to subnet >> topology >> would there be conflicts with the following setup: >> >> server 10.0.0.0 255.255.255.0 (dynamic assignments) >> and ccds like: >> ifconfig-push 10.0.10.1 255.255.255.0 (static assignments) >> >> This kind of "different subnetting" works ok with net30. Will it >> still work with subnet? >> How would clients reach server, since now you don't have local remote >> in --ifconfig-push >> >> > you can make this kind of networking work in 'topology subnet' also, > but there might be some caveats. > According to the OpenVPN man page, the statement > server 10.0.0.0 255.255.255.0 > is expanded to > mode server > tls-server > ifconfig 10.0.0.1 255.255.255.0 > ifconfig-pool 10.0.0.2 10.0.0.254 255.255.255.0 > push "route-gateway 10.0.0.1" > > so each client will be told that the gateway to send packets to is > 10.0.0.1; now you're adding a client outside of the regular > ifconfig-pool: that is perfectly OK, but you then need to tell the > *SERVER* that packets coming from 10.0.10.1/24 are OK: it might > actually be quicker to widen the subnet mask on the server tun adapter > to something that includes 10.0.10 also - but this applies in both > net30 and subnet mode, so how are you covering this now? > > Of course, an example like this is covered in my OpenVPN cookbook ;) > > HTH, > > JJK
I don't want to widen the /24 base network because like this dynamic clients might get IPs from my static net blocks. In net30 now I also have route 10.0.0.0 255.255.0.0 which does the job G ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users