Project

General

Profile

Actions

Bug #13133

closed

OpenVPN ``client-connect`` file contains ``topology``

Added by Marcos Mendoza about 2 months ago. Updated 26 days ago.

Status:
Resolved
Priority:
Normal
Category:
OpenVPN
Target version:
Start date:
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
22.05
Release Notes:
Default
Affected Version:
Affected Architecture:

Description

The client-connect file has topology included when using RADIUS attributes. This leads to the following logs in the client:

May 5 21:44:39     openvpn     88752     Options error: option 'topology' cannot be used in this context (/tmp/openvpn_cc_2480698be6a7da1a526c4fb415d73570.tmp) 
May 5 21:44:39     openvpn     88752     MULTI: Learn: 172.25.1.50 -> example/10.0.5.50:57876 
May 5 21:44:39     openvpn     88752     MULTI: primary virtual IP for example/10.0.5.50:57876: 172.25.1.50
May 5 21:44:39     openvpn     88752     Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
May 5 21:44:39     openvpn     88752     Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
May 5 21:44:39     openvpn     88752     SENT CONTROL [example]: 'PUSH_REPLY,dhcp-option DOMAIN example.net,dhcp-option DNS 172.20.5.1,route 172.20.5.0 255.255.255.0,client-nat dnat 172.20.5.0 255.255.255.0 10.0.5.0,route 172.20.10.0 255.255.255.0,client-nat dnat 172.20.10.0 255.255.255.0 10.0.10.0,route-gateway 172.25.1.1,topology subnet,ping 2,ping-restart 20,ifconfig 172.25.1.50 255.255.255.0,peer-id 0,cipher AES-256-GCM' (status=1)
May 5 21:44:39     openvpn     53113     openvpn server 'ovpns1' user 'example' address '10.0.5.50:57876' - connected

I haven't found any documentation that indicates topology should be included in this file. Removing topology from the file still lets the client connect normally. The PUSH_REPLY log shows that topology is specified regardless of it being in the client-connect file.

Given the above, the option should likely be removed.

For reference, this was introduced here: 1492e02cb4f48de3ff33ed4d4db013aac00087d3

Actions #2

Updated by Marcos Mendoza about 2 months ago

  • Status changed from New to Pull Request Review
Actions #3

Updated by Jim Pingle about 2 months ago

  • Target version set to 2.7.0
  • Plus Target Version set to 22.05
Actions #4

Updated by Marcos Mendoza about 2 months ago

  • Status changed from Pull Request Review to Feedback
  • % Done changed from 0 to 100
Actions #5

Updated by Jim Pingle about 2 months ago

  • Subject changed from OpenVPN client-connect file contains topology to OpenVPN ``client-connect`` file contains ``topology``
Actions #6

Updated by Jim Pingle 28 days ago

  • Assignee set to Marcos Mendoza
Actions #7

Updated by Jim Pingle 26 days ago

  • Status changed from Feedback to Resolved

Seems to be OK. No error in the client log now, client still gets a proper address using the correct topology

Actions

Also available in: Atom PDF