I got OpenVPN up and running on OpenSuSE in bridging mode and I’m thrilled with this success, but now I need to press a little further. Instead of clients getting an IP address from a pool defined in server-bridge I want specific clients to get specific LAN IP addresses.
This seems to be addressed in the howto documentation at OpenVPN 2.0 HOWTO but what isn’t entirely clear is how the server knows which client is which?
Is the client name (“sysadmin1”, “contractor1” and “contractor2” in the above linked example) the same name used when creating client keys ("./build-key client1")?
wplate wrote:
> I got OpenVPN up and running on OpenSuSE in bridging mode and I’m
> thrilled with this success, but now I need to press a little further.
> Instead of clients getting an IP address from a pool defined in
> server-bridge I want specific clients to get specific LAN IP addresses.
>
> This seems to be addressed in the howto documentation at ‘OpenVPN 2.0
> HOWTO’ (http://openvpn.net/howto.html#policy) but what isn’t entirely
> clear is how the server knows which client is which?
>
> Is the client name (“sysadmin1”, “contractor1” and “contractor2” in the
> above linked example) the same name used when creating client keys
> ("./build-key client1")?
It is.
You can use the --client-config-dir option to achieve this.
E.g.
client-config-dir /etc/openvpn/ccd
/etc/openvpn/ccd/client1
ifconfig-push local remote-netmask
push “route addr netmask”
push “dhcp-option WINS addr”
push “dhcp-option DNS addr”
When client1 sends the right credentials, it gets the correct configuration
sent back.