Openvpn client ccd

Autogenerated by interfaces-openvpn.py

The autogenerated file contains an incorrect ifconfig-push directive. The line in the file is:
ifconfig-push 192.168.199.153 255.255.255.0
However, the intended configuration should be:
ifconfig-push 192.168.199.153 192.168.199.154
The issue is that the second parameter in the autogenerated line specifies a subnet mask (255.255.255.0) instead of the gateway address for the VPN client. The correct format requires the gateway address (192.168.199.154 in this case) as the second parameter to properly configure the client’s network settings within the OpenVPN environment.

Is this when using push route option?

When I configure the following command:
set interfaces openvpn vtun10 server client username ip ‘192.168.199.153’

Can you share your openvpn config omitting keys etc

show configuration commands | strip-private | grep openVPN

show configuration commands | strip-private | grep openvpn
set interfaces openvpn vtun10 encryption cipher ‘aes256’
set interfaces openvpn vtun10 hash ‘sha512’
set interfaces openvpn vtun10 local-host ‘xxx.xxx.188.110’
set interfaces openvpn vtun10 local-port ‘1194’
set interfaces openvpn vtun10 mode ‘server’
set interfaces openvpn vtun10 persistent-tunnel
set interfaces openvpn vtun10 protocol ‘udp’
set interfaces openvpn vtun10 server client xxxxxx ip ‘xxx.xxx.99.41’
set interfaces openvpn vtun10 server name-server ‘xxx.xxx.114.114’
set interfaces openvpn vtun10 server push-route xxx.xxx.0.0/16
set interfaces openvpn vtun10 server push-route xxx.xxx.0.0/16
set interfaces openvpn vtun10 server push-route xxx.xxx.0.0/16
set interfaces openvpn vtun10 server push-route xxx.xxx.0.0/16
set interfaces openvpn vtun10 server push-route xxx.xxx.0.0/16
set interfaces openvpn vtun10 server push-route xxx.xxx.255.0/24
set interfaces openvpn vtun10 server push-route xxx.xxx.0.0/16
set interfaces openvpn vtun10 server push-route xxx.xxx.255.0/24
set interfaces openvpn vtun10 server push-route xxx.xxx.1.0/24
set interfaces openvpn vtun10 server push-route xxx.xxx.0.0/16
set interfaces openvpn vtun10 server push-route xxx.xxx.0.0/16
set interfaces openvpn vtun10 server push-route xxx.xxx.12.0/24
set interfaces openvpn vtun10 server push-route xxx.xxx.14.0/24
set interfaces openvpn vtun10 server push-route xxx.xxx.50.0/24
set interfaces openvpn vtun10 server push-route xxx.xxx.100.0/24
set interfaces openvpn vtun10 server push-route xxx.xxx.123.0/24
set interfaces openvpn vtun10 server push-route xxx.xxx.124.0/24
set interfaces openvpn vtun10 server push-route xxx.xxx.162.0/24
set interfaces openvpn vtun10 server push-route xxx.xxx.163.0/24
set interfaces openvpn vtun10 server push-route xxx.xxx.188.0/24
set interfaces openvpn vtun10 server subnet ‘xxx.xxx.99.0/24’
set interfaces openvpn vtun10 tls ca-certificate ‘rootca’
set interfaces openvpn vtun10 tls certificate ‘openvpnserver’
set interfaces openvpn vtun10 tls dh-params ‘dh-1’
set interfaces openvpn vtun10 use-lzo-compression
set interfaces openvpn vtun11 encryption cipher ‘aes256’
set interfaces openvpn vtun11 hash ‘sha512’
set interfaces openvpn vtun11 local-host ‘xxx.xxx.188.111’
set interfaces openvpn vtun11 local-port ‘1195’
set interfaces openvpn vtun11 mode ‘server’
set interfaces openvpn vtun11 persistent-tunnel
set interfaces openvpn vtun11 protocol ‘udp’
set interfaces openvpn vtun11 server name-server ‘xxx.xxx.114.114’
set interfaces openvpn vtun11 server push-route xxx.xxx.160.0/24
set interfaces openvpn vtun11 server push-route xxx.xxx.162.0/24
set interfaces openvpn vtun11 server push-route xxx.xxx.163.0/24
set interfaces openvpn vtun11 server push-route xxx.xxx.188.0/24
set interfaces openvpn vtun11 server subnet ‘xxx.xxx.98.0/24’
set interfaces openvpn vtun11 tls ca-certificate ‘rootca’
set interfaces openvpn vtun11 tls certificate ‘openvpnserver’
set interfaces openvpn vtun11 tls dh-params ‘dh-1’
set interfaces openvpn vtun11 use-lzo-compression

Probably different server topology Client config ifconfig-push format changed? - OpenVPN Support Forum
But this option was not changed at least 5 years vyos-1x/data/templates/openvpn/client.conf.j2 at c1cd7b4a7665f29ffcbe22d8450abaa759932242 · vyos/vyos-1x · GitHub

Just add this command:set interfaces openvpn vtun10 server topology ‘subnet’;Work is normal now, thank you very much!

2 Likes