作者:嗳__霞骸 | 来源:互联网 | 2017-08-21 01:47
小弟刚配置了OPENVPN能正常运行(证书认证与radius用户名与密码方式认证)现要给客户配置固定IP
在证书认证方式下配置的固定IP正常,都能取到所配置的IP,用户服务名与密码方式认证就分配不到配置的IP
服务端配置中已加入
username-as-common-name
以下是服务端配置
local 192.168.1.20
port 1194
proto tcp
dev tun
ca /root/openvpn-2.1.1/easy-rsa/2.0/keys/ca.crt
cert /root/openvpn-2.1.1/easy-rsa/2.0/keys/server.crt
key /root/openvpn-2.1.1/easy-rsa/2.0/keys/server.key
dh /root/openvpn-2.1.1/easy-rsa/2.0/keys/dh1024.pem
client-config-dir /usr/local/etc/ccd
#route 10.9.0.0 255.255.255.252
#ifconfig-pool-persist /usr/local/etc/ipp.txt
server 10.8.0.0 255.255.255.0
client-to-client
keepalive 10 120
duplicate-cn
comp-lzo
persist-key
persist-tun
status /root/openvpn-2.1.1/easy-rsa/2.0/keys/openvpn-status.log
verb 4
push "dhcp-option DNS 218.85.157.99"
plugin /usr/local/etc/radiusplugin.so /usr/local/etc/radiusplugin.conf
client-cert-not-required
username-as-common-name
CCD下client2配置
ifconfig-push 10.9.0.1 10.9.0.2
客户端配置:
client
dev tun
proto tcp
remote 192.168.1.20 1194
persist-key
persist-tun
ca /usr/local/etc/ca.crt
#cert /usr/local/etc/keys/client2.crt
#key /usr/local/etc/keys/client2.key
auth-user-pass /usr/local/etc/user.conf
ns-cert-type server
comp-lzo
verb 3
redirect-gateway def1
status /usr/local/etc/openvpn-status.log
难道固定IP只能在证书方式下才能配置么