×
INTELLIGENT WORK FORUMS
FOR COMPUTER PROFESSIONALS

Log In

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips Forums!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!
  • Students Click Here

*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

Posting Guidelines

Promoting, selling, recruiting, coursework and thesis posting is forbidden.

Students Click Here

Jobs

problems sharing same subnet using TCP and UDP in OpenVPN

problems sharing same subnet using TCP and UDP in OpenVPN

problems sharing same subnet using TCP and UDP in OpenVPN

(OP)
I keep having problems with some remote client machines trying to connect to my OpenVPN server using UDP. I've set up a second instance of OpenVPN on my server to receive TCP. The problem is that I can't figure out how to have both instances assign clients to share the same network subnet so that a client machine will get the same VPN IP address regardless of whether it connects with UDP or TCP. I use ccd to assign particular VPN IP addresses to clients.

Please note that the basic setup works ok with either TCP or UDP so long as different subnets are used. I just can't share the same subnet, which is why I'm asking for help.

Here's a ccd for a client:

ifconfig-push 10.254.0.81 10.254.0.82

Here's a part of the config file for the OpenVPN server that uses UDP (it creates tun254):

proto tcp-server

mode server
tls-server
ifconfig 10.254.0.1 10.254.0.2
ifconfig-pool 10.254.1.5 10.254.3.251
route 10.254.0.0 255.255.252.0
push "route 10.254.0.0 255.255.252.0"

Here's a part of the config file for the OpenVPN server that uses TCP (it creates tun255):

proto tcp-server

mode server
tls-server
ifconfig 10.254.2.1 10.254.2.2
push "route 10.254.0.0 255.255.252.0"

Note that I use the UDP server to setup the local routing in the 10.254.0.0/22 subnet and to assign the IP-address pool since I want them common to both instances.

Here are the resulting routes on the server:

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.254.2.2      *               255.255.255.255 UH    0      0        0 tun255
10.254.0.2      *               255.255.255.255 UH    0      0        0 tun254
192.168.192.0   *               255.255.255.0   U     0      0        0 eth0
10.254.0.0      10.254.0.2      255.255.252.0   UG    0      0        0 tun254
default         192.168.192.1   0.0.0.0         UG    100    0        0 eth0

Here are the resulting routes on a client:

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.254.0.82     *               255.255.255.255 UH    0      0        0 tun254
192.168.192.0   *               255.255.255.0   U     0      0        0 eth0
10.254.0.0      10.254.0.82     255.255.252.0   UG    0      0        0 tun254
default         192.168.192.1   0.0.0.0         UG    100    0        0 eth0

Clients that use UDP are able to ping ok. Clients that use TCP cannot. What am I doing wrong ?

Thank you in advance for your help.

-- NewtownGuy
 

Red Flag This Post

Please let us know here why this post is inappropriate. Reasons such as off-topic, duplicates, flames, illegal, vulgar, or students posting their homework.

Red Flag Submitted

Thank you for helping keep Tek-Tips Forums free from inappropriate posts.
The Tek-Tips staff will check this out and take appropriate action.

Reply To This Thread

Posting in the Tek-Tips forums is a member-only feature.

Click Here to join Tek-Tips and talk with other members! Already a Member? Login

Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close