Bug #7574
closed
openvpn ifconfig using IP instead of subnet mask
0%
Description
/etc/inc/openvpn.inc
The openvpn manual says:
Note: Using - -topology subnet changes the interpretation of the
arguments of - -ifconfig to mean "address netmask", no longer "local
remote".
And also says:
TUN devices in - -topology subnet mode (which create virtual
"multipoint networks"), - -ifconfig is used to set an IP address
and subnet mask ...
(The manual example also shows it.)
But openvpn.inc when using tun still sets ifconfig (conf option)
using $ip1 for client and $ip2 for server instead of the $mask.
I didn't test this but doesn't follow the docs.
This may need fixed so second argument is the mask.
I did read
https://forum.pfsense.org/index.php?topic=103331.0
(I noticed this while working on my book.
My list of bugs is at http://reedmedia.net/books/pfsense/bugs.html )
Updated by Jim Pingle over 7 years ago
- Category changed from VPN (Multiple Types) to OpenVPN
- Status changed from New to Rejected
It's not that cut and dried.
Point-to-Point modes still use "IP1 IP2" style, which includes Shared Key, SSL/TLS with a /30 tunnel network, and topology net30 setups. Tap and topology subnet use "IP mask". For each of these different scenarios we use the appropriate configuration lines.
All of these modes work, so what is the actual bug here? If it was using the incorrect syntax, OpenVPN would be failing. Loudly.