Re: [Openvpn-users] nginx server seeing non-vpn addres

On 29/07/18 17:35, Andrew Eisenberg wrote: > Hi all, > > My openvpn server is on the same machine as my nginx server. When my clients > make requests to the nginx server, the IP addresses that get logged are the > original, non-vpn address of the client. Here is some more information: > > 1. cl

Re: [Openvpn-users] Switching from topology net30 to subnet

On 06/04/17 19:05, Kapetanakis Giannis wrote: >> so each client will be told that the gateway to send packets to is >> 10.0.0.1; now you're adding a client outside of the regular >> ifconfig-pool: that is perfectly OK, but you then need to tell the >> *SER

Re: [Openvpn-users] Switching from topology net30 to subnet

On 06/04/17 16:59, Jan Just Keijser wrote: > On 06/04/17 15:28, Kapetanakis Giannis wrote: >> >> >> Without wanting to hijack this thread, > well, you are... hence I've changed the subject >> If someone uses the default net30 and wants to migrate to subnet >

Re: [Openvpn-users] IP pool exhaustion issue

On 04/04/17 13:34, David Sommerseth wrote: > On 04/04/17 11:50, Илья Шипицин wrote: >> hello, >> >> you did not use "topology", so, I guess "net30" is used by default. >> if so, you spent 4 addresses per connection. > > Yes --topology net30 is the default. Unfortunately, we cannot easily > change

Re: [Openvpn-users] ipv6 static address with ccd

On 01/02/17 23:21, Gert Doering wrote: >> I don't want that. The IPs from the pool are assigned in a serial way or >> in a random way? > Serial. > >> Is there a way to put an upper limit on the dynamic pool or to make it >> more specific? > It's "server base address plus 0x1000 plus the relative nu

Re: [Openvpn-users] ipv6 static address with ccd

On 01/02/17 18:53, Gert Doering wrote: > Hi, > > On Wed, Feb 01, 2017 at 06:21:27PM +0200, Kapetanakis Giannis wrote: >> everything works fine for dynamic clients, but the clients that have a ccd >> file give error: >> WARNING: if --ifconfig-push is used for IPv4, aut

[Openvpn-users] ipv6 static address with ccd

Hi, I have a working setup of IPv4 openvpn server with dynamic and static addresses with ccd. conf: server 10.66.0.0 255.255.255.0 ccd: ifconfig-push 10.66.1.6 10.66.1.6 I want to extend this setup for ipv6 If I use server-ipv6 server-ipv6 2001:648:2C00:::/64 everything works fine for dy

Re: [Openvpn-users] restrict access to certain users

On 02/04/16 04:57, Eric Crist wrote: > You can create a ccd entry for users with "disable" within to restrict VPN > access. There is no mechanism to send back a reason. > > Eric > > This is what I've been looking for. Thanks both for the answers. maybe custom error message like disable "messag

[Openvpn-users] restrict access to certain users

Hi, Is there an option (i can't find on man) that will allow admin to restrict access to certain users? We use both non-ccd (dynamic IP) and ccd (static IP) configuration on the same service. Right now we assign a static IP (ccd) from a net-block that is blocked by the firewall. Any other ide

[Openvpn-users] Forthcoming OpenSSL releases

Just a heads up on this: https://mta.openssl.org/pipermail/openssl-announce/2016-February/63.html release is due today and it "will fix several security defects with maximum severity "high". No idea if openvpn is affected. regards, G ---

Re: [Openvpn-users] windows start as administrator

On 11/12/15 23:25, Selva Nair wrote: On Fri, Dec 11, 2015 at 2:24 PM, Gert Doering > wrote: Actually this is what people do today (set the shortcut to the gui to "[X] run as admin") to work around the permission issues. I see, so the suggestion is to dis

[Openvpn-users] windows start as administrator

Hi, 90% of our support tickets have to do with our users on windows not running OpenVPN as administrator. Connection seems ok but they disconnect after a while (not able to install routes) which in normal. Is there a way to make OpenVPN installer to mark the file as "Run this Program as Admini

[Openvpn-users] Logjam: new tls/dh attack

Hi, Just a heads up on this new attack https://weakdh.org/ G -- One dashboard for servers and applications across Physical-Virtual-Cloud Widest out-of-the-box monitoring support with 50+ applications Performance metr