I have a config at the moment which is working almost fine until some clients connect, the server starts to kick the clients off from the server or something like that. As I have checked every clients get a good IP address and there is no IP address collision. The clients are using different certificates to connect. However I want to change this config to separate the DHCP range.
The current server config is this:
port 1194
proto udp
dev tun
ca /etc/openvpn/ca.crt
cert /etc/openvpn/server.crt
key /etc/openvpn/server.key
dh /etc/openvpn/dh2048.pem
server 10.8.0.0 255.255.255.0
topology subnet
push "route 10.8.0.1 255.255.255.0"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
ifconfig-pool-persist ipp.txt
client-config-dir /etc/openvpn/ccd
client-to-client
keepalive 10 300
comp-lzo
user nobody
group nobody
persist-key
persist-tun
status /etc/openvpn/openvpn-status.log
verb 6
I would like to have dynamic IPs assigned from this range:
10.8.1.0 – 10.8.1.254
For this, I would like to use a /23, so 255.255.254.0
And I will assign static IPs from this range:
10.8.0.3 – 10.8.1.255 as 0.1 and 0.2 might be assigned to the server.
I will use this to push to client for static ip:
ifconfig-push 10.8.0.5 255.255.254.0
Could you please help me to modify my config to achieve this?
So split my 10.8.0.0-10.8.1.255 range to two:
- static IPs: 10.8.0.4-10.8.0.255
- dynamic IPs: 10.8.1.0-10.8.1.254
I will have Linux and Windows clients too.
Best Answer
OK finally it is solved with some changes on the config file: