dustin/configpolicy
1
1
Fork 0
Code Issues Releases Activity

roles/dch-openvpn-server: Correct routes

Browse Source 
The `ifconfig` global directive specifies the IP address added to the
tunnel interface device, not the network. The `push route` directives
need to include this address to correctly send route information to
clients.
This commit is contained in:
Dustin
2018-07-01 16:47:43 -05:00
parent 036234bba5
commit 03e5764de1
2 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
roles/dch-openvpn-server/files/clients/dhatch-d4b.securepassage.com
View File

@@ -1,5 +1,5 @@
ifconfig-push 172.30.0.210 255.255.255.240 ifconfig-push 172.30.0.210 255.255.255.240
iroute 192.168.0.0 255.255.0.0 iroute 192.168.0.0 255.255.0.0
iroute 172.16.0.0 255.255.240.0 iroute 172.16.0.0 255.255.240.0
push "route 172.30.0.0 255.255.255.192" push "route 172.30.0.0 255.255.255.192 172.30.0.209"
push "route 172.31.0.0 255.255.255.224" push "route 172.31.0.0 255.255.255.224 172.30.0.209"

2
roles/dch-openvpn-server/templates/pyrocufflink.openvpn.conf.j2
View File

@@ -11,7 +11,7 @@ dh dh2048.pem
topology subnet topology subnet
push "topology subnet" push "topology subnet"
ifconfig 172.30.0.208 255.255.255.240 ifconfig 172.30.0.209 255.255.255.240
route 192.168.0.0 255.255.0.0 172.30.0.210 route 192.168.0.0 255.255.0.0 172.30.0.210
route 172.16.0.0 255.255.240.0 172.30.0.210 route 172.16.0.0 255.255.240.0 172.30.0.210
client-to-client client-to-client