Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Can't assign static IP for a client. #189

Open
KurtCuckbain opened this issue Jun 28, 2023 · 4 comments
Open

Can't assign static IP for a client. #189

KurtCuckbain opened this issue Jun 28, 2023 · 4 comments
Labels
checking check if the problem is reproducible enhancement New feature or request

Comments

@KurtCuckbain
Copy link

I'm running DockoVPN in persistent configuration via docker-compose. I needed to create a client with static IP, so i created client via genclient.sh inside the container. After that i created a volume for ipp.txt file and filled it with client id and desired IP address. But server seems to ignore the ipp.txt and still dynamically allocates IP address for this client.

My docker-compose file:

version: '3'
services:
dockovpn:
image: alekslitvinenk/openvpn:latest
restart: always
entrypoint: /bin/bash
command:
- -c
- |
set -ex
if [[ ! -d /opt/Dockovpn_data/pki ]]; then
echo "Generate dh params"
cd /opt/Dockovpn_data
easyrsa init-pki
easyrsa gen-dh
cp pki/dh.pem /etc/openvpn
fi
cd /opt/Dockovpn
/usr/bin/dumb-init ./start.sh
cap_add:
- NET_ADMIN
environment:
- HOST_ADDR=serv_ip
ports:
- 1194:1194/udp
volumes:
- ./openvpn_conf:/opt/Dockovpn_data
- ./openvpn_ipp/ipp.txt:/opt/Dockovpn/ipp.txt

My ipp.txt file:

Client_id,ip_addr

After running the container content of ipp.txt changing to this:

Client_id,ip_addr, - container adds an extra comma at the end of line

Can anyone help me?
@alekslitvinenk alekslitvinenk added the checking check if the problem is reproducible label Jun 29, 2023
@KurtCuckbain
Copy link
Author

Adding startup logs:

openvpn-dockovpn-1 | + [[ ! -d /opt/Dockovpn_data/pki ]]
openvpn-dockovpn-1 | + cd /opt/Dockovpn
openvpn-dockovpn-1 | + /usr/bin/dumb-init ./start.sh
openvpn-dockovpn-1 | Mon Jul 3 06:17:35 2023 Creating tun/tap device.
openvpn-dockovpn-1 | Mon Jul 3 06:17:35 2023 Dockovpn v1.9.0
openvpn-dockovpn-1 | 2023-07-03 06:17:35 Note: Treating option '--ncp-ciphers' as '--data-ciphers' (renamed in OpenVPN 2.5).
openvpn-dockovpn-1 | 2023-07-03 06:17:35 WARNING: --topology net30 support for server configs with IPv4 pools will be removed in a future release. Please migrate to --topology subnet as soon as possible.
openvpn-dockovpn-1 | 2023-07-03 06:17:35 OpenVPN 2.5.6 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Mar 24 2022
openvpn-dockovpn-1 | 2023-07-03 06:17:35 library versions: OpenSSL 1.1.1k 25 Mar 2021, LZO 2.10
openvpn-dockovpn-1 | 2023-07-03 06:17:35 WARNING: --ifconfig-pool-persist will not work with --duplicate-cn
openvpn-dockovpn-1 | 2023-07-03 06:17:35 CRL: loaded 1 CRLs from file /etc/openvpn/crl.pem
openvpn-dockovpn-1 | 2023-07-03 06:17:35 TUN/TAP device tun0 opened
openvpn-dockovpn-1 | 2023-07-03 06:17:35 /sbin/ip link set dev tun0 up mtu 1500
openvpn-dockovpn-1 | 2023-07-03 06:17:35 /sbin/ip link set dev tun0 up
openvpn-dockovpn-1 | 2023-07-03 06:17:35 /sbin/ip addr add dev tun0 local 10.8.0.1 peer 10.8.0.2
openvpn-dockovpn-1 | 2023-07-03 06:17:35 Could not determine IPv4/IPv6 protocol. Using AF_INET
openvpn-dockovpn-1 | 2023-07-03 06:17:35 UDPv4 link local (bound): [AF_INET][undef]:1194
openvpn-dockovpn-1 | 2023-07-03 06:17:35 UDPv4 link remote: [AF_UNSPEC]
openvpn-dockovpn-1 | 2023-07-03 06:17:35 ifconfig_pool_read(), in='IuayRCTzlZwUH8j9I3qGMnMQMCWysb5o,10.8.0.34'
openvpn-dockovpn-1 | 2023-07-03 06:17:35 succeeded -> ifconfig_pool_set(hand=7)
openvpn-dockovpn-1 | 2023-07-03 06:17:35 Initialization Sequence Completed
openvpn-dockovpn-1 | 2023-07-03 06:17:46 client_ip:65116 peer info: IV_VER=2.6.2
openvpn-dockovpn-1 | 2023-07-03 06:17:46 client_ip:65116 peer info: IV_PLAT=win
openvpn-dockovpn-1 | 2023-07-03 06:17:46 client_ip:65116 peer info: IV_TCPNL=1
openvpn-dockovpn-1 | 2023-07-03 06:17:46 client_ip:65116 peer info: IV_MTU=1600
openvpn-dockovpn-1 | 2023-07-03 06:17:46 client_ip:65116 peer info: IV_NCP=2
openvpn-dockovpn-1 | 2023-07-03 06:17:46 client_ip:65116 peer info: IV_CIPHERS=AES-256-GCM:AES-128-GCM
openvpn-dockovpn-1 | 2023-07-03 06:17:46 client_ip:65116 peer info: IV_PROTO=990
openvpn-dockovpn-1 | 2023-07-03 06:17:46 client_ip:65116 peer info: IV_GUI_VER=OpenVPN_GUI_11
openvpn-dockovpn-1 | 2023-07-03 06:17:46 client_ip:65116 peer info: IV_SSO=openurl,webauth,crtext
openvpn-dockovpn-1 | 2023-07-03 06:17:46 client_ip:65116 [IuayRCTzlZwUH8j9I3qGMnMQMCWysb5o] Peer Connection Initiated with [AF_INET]client_ip:65116
openvpn-dockovpn-1 | 2023-07-03 06:17:46 IuayRCTzlZwUH8j9I3qGMnMQMCWysb5o/client_ip:65116 MULTI_sva: pool returned IPv4=10.8.0.6, IPv6=(Not enabled)

@KurtCuckbain KurtCuckbain closed this as not planned Won't fix, can't repro, duplicate, stale Jul 3, 2023
@KurtCuckbain KurtCuckbain reopened this Jul 3, 2023
@alekslitvinenk
Copy link
Collaborator

Hi! We will address this issue in one of our future releases, to pin static ip to clients

@alekslitvinenk alekslitvinenk added the enhancement New feature or request label Jul 6, 2023
@LivingWithHippos
Copy link

LivingWithHippos commented Jul 24, 2023
edited

I'm already using static ips for clients with this container, you can follow this guide

basically:

  1. add to server.conf the folder which will store the clients configurations:
client-config-dir /etc/openvpn/staticclients
  1. populate the folder with files with the same name as the client name (;client-id XYZ in the client.ovpn file means creating a file named XYZ, no extension), and assign the ip in the file:
ifconfig-push 10.8.0.123 255.255.255.0

the only issue I have is that the logs do not print the correct ip that was assigned to the client

# this client was actually assigned 10.8.0.123
MULTI_sva: pool returned IPv4=10.8.0.2, IPv6=(Not enabled)

I also modified the scripts to mass generate the client files and create the needed static ip files in the correct folder

@zmk5566
Copy link

zmk5566 commented Jan 8, 2024
edited

I'm already using static ips for clients with this container, you can follow this guide

basically:

1. add to `server.conf` the folder which will store the  clients configurations:

client-config-dir /etc/openvpn/staticclients

2. populate the folder with files with the same name as the client name (`;client-id XYZ` in the client.ovpn file means creating a file named `XYZ`, no extension), and assign the ip in the file:

ifconfig-push 10.8.0.123 255.255.255.0

the only issue I have is that the logs do not print the correct ip that was assigned to the client

# this client was actually assigned 10.8.0.123
MULTI_sva: pool returned IPv4=10.8.0.2, IPv6=(Not enabled)

I also modified the scripts to mass generate the client files and create the needed static ip files in the correct folder

Further more with the discussion, if you encounter client error of "net30", that means the server is currently using topology of net30.

By using the method mentioned by @LivingWithHippos , you should also make sure you enforce the topology of using "subnet". Thus to summarize it up, you should add two lines in your server.conf:

client-config-dir /etc/openvpn/staticclients
topology subnet

otherwise, you should set the ifconfig-push in the net30 style:

ifconfig-push 10.8.0.6 10.8.0.5

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
checking check if the problem is reproducible enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@alekslitvinenk @LivingWithHippos @KurtCuckbain @zmk5566