openvpn ifconfig using IP instead of subnet mask
The openvpn manual says:
Note: Using - -topology subnet changes the interpretation of the
arguments of - -ifconfig to mean "address netmask", no longer "local
And also says:
TUN devices in - -topology subnet mode (which create virtual
"multipoint networks"), - -ifconfig is used to set an IP address
and subnet mask ...
(The manual example also shows it.)
But openvpn.inc when using tun still sets ifconfig (conf option)
using $ip1 for client and $ip2 for server instead of the $mask.
I didn't test this but doesn't follow the docs.
This may need fixed so second argument is the mask.
(I noticed this while working on my book.
My list of bugs is at http://reedmedia.net/books/pfsense/bugs.html )
#1 Updated by Jim Pingle over 1 year ago
- Category changed from VPN to OpenVPN
- Status changed from New to Rejected
It's not that cut and dried.
Point-to-Point modes still use "IP1 IP2" style, which includes Shared Key, SSL/TLS with a /30 tunnel network, and topology net30 setups. Tap and topology subnet use "IP mask". For each of these different scenarios we use the appropriate configuration lines.
All of these modes work, so what is the actual bug here? If it was using the incorrect syntax, OpenVPN would be failing. Loudly.