OpenVPN: multiple client routes do not work in server mode
Closed, ResolvedPublicBUG
Actions

Assigned To

Authored By

	c-po
	Nov 6 2020, 5:05 PM

Description

Given the following config:

set interfaces openvpn vtun0 encryption cipher 'aes256gcm'
set interfaces openvpn vtun0 encryption disable-ncp
set interfaces openvpn vtun0 hash 'sha512'
set interfaces openvpn vtun0 local-host '172.18.254.202'
set interfaces openvpn vtun0 local-port '11194'
set interfaces openvpn vtun0 mode 'server'
set interfaces openvpn vtun0 openvpn-option 'tls-version-min 1.3'
set interfaces openvpn vtun0 openvpn-option 'comp-lzo no'
set interfaces openvpn vtun0 persistent-tunnel
set interfaces openvpn vtun0 protocol 'udp'
set interfaces openvpn vtun0 server client client1 ip '10.10.3.2'
set interfaces openvpn vtun0 server client client1 subnet '10.10.3.0/29'
set interfaces openvpn vtun0 server client client1 subnet '10.20.0.0/16'
set interfaces openvpn vtun0 server subnet '10.10.3.0/29'
set interfaces openvpn vtun0 server topology 'subnet'
set interfaces openvpn vtun0 tls ca-cert-file /config/auth/ovpn_test_ca.pem
set interfaces openvpn vtun0 tls cert-file /config/auth/ovpn_test_server.pem
set interfaces openvpn vtun0 tls crypt-file '/config/auth/ovpn/ovpn_test_site2site.key'
set interfaces openvpn vtun0 tls dh-file /config/auth/ovpn_test_dh.pem
set interfaces openvpn vtun0 tls key-file /config/auth/ovpn_test_server.key

only one iroute statement is generated for client1

Details

Difficulty level: Easy (less than an hour)
Version: 1.3 rolling-202011060217
Why the issue appeared?: Implementation mistake
Is it a breaking change?: Perfectly compatible
Issue type: Bug (incorrect behavior)

Related Objects

Mentioned In: T3046: openvpn directory is not auto-created

Event Timeline

c-po changed the task status from Open to In progress.Nov 6 2020, 5:05 PM

c-po claimed this task.

c-po triaged this task as High priority.

c-po created this task.

c-po mentioned this in T3046: openvpn directory is not auto-created.

c-po changed Why the issue appeared? from Will be filled on close to Implementation mistake.

c-po changed Is it a breaking change? from Unspecified (possibly destroys the router) to Perfectly compatible.

c-po closed this task as Resolved.Nov 6 2020, 5:45 PM

pasik added a subscriber: pasik.Nov 6 2020, 7:09 PM

c-po moved this task from Need Triage to Finished on the VyOS 1.3 Equuleus board.Nov 23 2020, 3:28 PM

erkin set Issue type to Bug (incorrect behavior).Aug 29 2021, 12:19 PM

erkin removed a subscriber: Active contributors.

syncer edited projects, added VyOS 1.3 Equuleus (1.3.0); removed VyOS 1.3 Equuleus.Aug 29 2022, 12:27 PM

syncer moved this task from Need Triage to Finished on the VyOS 1.3 Equuleus (1.3.0) board.

OpenVPN: multiple client routes do not work in server modeClosed, ResolvedPublicBUGActions

Description

Details

Related Objects

Event Timeline

OpenVPN: multiple client routes do not work in server mode
Closed, ResolvedPublicBUG
Actions