Openvpn client-specific-overrides ip conflicts
Would it be possible to replace the --server option in the openvpn server conf with the explicit declarations for each component, then implement ifconfig-pool as a configurable option on the menu? If ifconfig-pool could be declared as a subset of the available range, client-specific IP addresses could be assigned from outside that range and there would be clarity regarding per-client policy.
Currently, if I assign a specific IP address in the client specific overrides menu, I can set the necessary rules for that IP, but there is no mechanism to prevent another CN from being assigned that IP and being subject to those rules.
In short, it would be very useful to us to have the following situation:
10.x.x.0/25 -> general users
10.x.x.128/26 -> admins (IP assigned by CN)
10.x.x.192/26 -> contractors/trusted partners (IP assigned by CN).
#1 Updated by Aurélien BONANNI about 2 years ago
If we declare ifconfig-pool in custom options, the server doesn't work because of the "server" directive.
We would like this function be integrated.
You could find as an attachement the patch that update the form. Then we have to modify openvpn configuration files.