Project

General

Profile

Actions

Bug #11416

open

OpenVPN IPv4 Tunnel Network check

Added by Danilo Zrenjanin 10 months ago. Updated 1 day ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
OpenVPN
Target version:
Start date:
02/13/2021
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
All
Affected Architecture:

Description

If you enter a host address instead of a network address into the IPv4 Tunnel Network field, the setup will be accepted, but the OpenVPN service will not start.

Status/OpenVpn
Unable to contact daemon

Actions #1

Updated by Jim Pingle 10 months ago

  • Status changed from New to Feedback
  • Target version set to CE-Next

By "host address" do you mean a single IP address without a CIDR mask ("x.x.x.x") or an FQDN?

Actions #2

Updated by Danilo Zrenjanin 10 months ago

A single host address with a CIDR mask. e.g., 10.0.8.1/24.

Actions #3

Updated by Jim Pingle 10 months ago

  • Status changed from Feedback to New

OK so you literally meant a host address inside a network, and not the network address.

We could do one of two things here:

  • Have input validation reject the input if the address is not the network address for the subnet (harsh)
  • Change the host address the user input into the appropriate network address on save (easier for the user, but the change may surprise them)

I'm leaning toward the latter approach, and note under the field that it should be/will be changed to a network address

Actions #4

Updated by Viktor Gurov 1 day ago

openvpn_validate_tunnel_network() implemented in #2668 do not allow to enter IP addresses

I think this issue can be closed

Actions #5

Updated by Jim Pingle 1 day ago

I'm not seeing any change in behavior from before here. On a 2.6.0 snapshot I can still enter a host IP address inside the tunnel network (e.g. 10.6.29.1/24) and the GUI accepts it as the tunnel network.

Actions

Also available in: Atom PDF