Bug #12497
closed
OpenVPN Server assignes random IPv4 addresses to active clients even if FreeRadius has configured Framed-IP for all these remote clients
0%
Description
For Remote Access OpenVPN Server all connected clients still gets IP-addresses from OpenVPN pool instead of getting configured Framed-IPs from FreeRadius.
I run Packet Capture and caught traffic between pfSense and FreeRadius (pcap_with_radius.png) and I saw that FreeRadius sent correct Framed-IP (vpnuser_IPv4_and_IPv6_attributes.png) in its response but still OpenVPN client got random IP-address (ifconfig_Ubuntu.png) from OpenVPN pool.
Viktor found this link: https://serverfault.com/questions/796872/openvpn-radius-plugin-does-not-assign-framed-ip-address-from-freeradius-to-clien
and adding 'client-config-dir clients' option into 'Additional configuration options' (OpenVPN/Client Export Utility) helped to fix it and after redownloading new ovpn file I saw correct (Framed-IP) on remote client with active OpenVPN tunnel.
But only Framed-IPv4 attributes work. Framed-IPv6 attributes don't work: https://redmine.pfsense.org/issues/12496
Files
| pcap_with_radius.png (98 KB) pcap_with_radius.png | |||
| ifconfig_Ubuntu.png (17.9 KB) ifconfig_Ubuntu.png | |||
| vpnuser_IPv4_and_IPv6_attributes.png (94.5 KB) vpnuser_IPv4_and_IPv6_attributes.png |
Related issues
Updated by Viktor Gurov over 2 years ago
- Project changed from pfSense Plus to pfSense
- Category changed from OpenVPN to OpenVPN
- Affected Version set to 2.6.0
Updated by Viktor Gurov over 2 years ago
- Is duplicate of Bug #12076: OpenVPN RADIUS-based firewall rules do not use expected value for RADIUS-assigned IP addresses added