OpenVPN custom option for "--client-to-client" causes configuration error
Closed, Invalid | Public | BUG

Description

Hello,

I am configuring OpenVPN. When using the configuration command

set interfaces openvpn vtun0 openvpn-option "--client-to-client"

after rebooting, VyOS reports a configuration error and clears the OpenVPN configuration. For some reason this shows up as "unquoted" in the configuration file.

Thanks

Details

Difficulty level
Unknown (require assessment)
Version
VyOS 1.3-beta-202112240442
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Unspecified (possibly destroys the router)
Issue type
Unspecified (please specify)

Event Timeline

I checked in the OpenVPN network lab.
Version:

Version:          VyOS 1.3.0
Release train:    equuleus

Configuration:

vyos@vyos# show interfaces openvpn vtun0
set interfaces openvpn vtun0 encryption cipher 'aes256gcm'
set interfaces openvpn vtun0 hash 'sha512'
set interfaces openvpn vtun0 local-host '192.168.122.100'
set interfaces openvpn vtun0 local-port '1194'
set interfaces openvpn vtun0 mode 'server'
set interfaces openvpn vtun0 openvpn-option '--client-to-client'
set interfaces openvpn vtun0 openvpn-option '--verb 9'
set interfaces openvpn vtun0 openvpn-option '--mute 10'
set interfaces openvpn vtun0 openvpn-option '--dev vtun0'
set interfaces openvpn vtun0 openvpn-option '--ifconfig-pool-persist ipp.txt'
set interfaces openvpn vtun0 openvpn-option '--status openvpn2.log'
set interfaces openvpn vtun0 openvpn-option '--user nobody --group nogroup'
set interfaces openvpn vtun0 openvpn-option '--persist-key --persist-tun'
set interfaces openvpn vtun0 openvpn-option '--keepalive 10 120'
set interfaces openvpn vtun0 persistent-tunnel
set interfaces openvpn vtun0 protocol 'udp'
set interfaces openvpn vtun0 server max-connections '5'
set interfaces openvpn vtun0 server name-server '1.1.1.1'
set interfaces openvpn vtun0 server push-route 10.10.10.0/24
set interfaces openvpn vtun0 server subnet '10.10.20.0/24'
set interfaces openvpn vtun0 server topology 'subnet'
set interfaces openvpn vtun0 tls ca-cert-file '/config/auth/openvpn/ca.crt'
set interfaces openvpn vtun0 tls cert-file '/config/auth/openvpn/central.crt'
set interfaces openvpn vtun0 tls dh-file '/config/auth/openvpn/dh.pem'
set interfaces openvpn vtun0 tls key-file '/config/auth/openvpn/central.key'
set interfaces openvpn vtun0 use-lzo-compression

After rebooting, the OpenVPN configuration is saved:

vyos@vyos# show interfaces openvpn vtun0 
 encryption {
     cipher aes256gcm
 }
 hash sha512
 local-host 192.168.122.100
 local-port 1194
 mode server
 openvpn-option --client-to-client
 openvpn-option "--verb 9"
 openvpn-option "--mute 10"
 openvpn-option "--dev vtun0"
 openvpn-option "--ifconfig-pool-persist ipp.txt"
 openvpn-option "--status openvpn2.log"
 openvpn-option "--user nobody --group nogroup"
 openvpn-option "--persist-key --persist-tun"
 openvpn-option "--keepalive 10 120"
 persistent-tunnel
 protocol udp
 server {
     max-connections 5
     name-server 1.1.1.1
     push-route 10.10.10.0/24 {
     }
     subnet 10.10.20.0/24
     topology subnet
 }
 tls {
     ca-cert-file /config/auth/openvpn/ca.crt
     cert-file /config/auth/openvpn/central.crt
     dh-file /config/auth/openvpn/dh.pem
     key-file /config/auth/openvpn/central.key
 }
 use-lzo-compression
[edit]
vyos@vyos#

Hi -

I will close this. It turns out the root cause is related to this other bug I filed:

https://phabricator.vyos.net/T4230

Thanks!