On Sun, Sep 13, 2020 at 2:41 PM <ocs...@plaga.de> wrote: > > > Hello everyone, > Hi!
> Now my problem: In one of my standard configurations, I run the ocserv > behind of proprietary routers on a small arm-based computer. On that, I > use armbian which is a Debian derivative with a 5.7 Linux Kernel > optimized for Arm boards. Armbian is configured to be systemd-free and > runs SysV init. Ports 443 UDP/TCP are portforwarded to the Arm board so > that these are reachable from the internet. The IP configuration is static. > > Configuration is minimal: > ---- > socket-file = /var/run/ocserv-socket > device = vpns > dns=8.8.8.8 > > ipv4-network = 192.168.7.32/27 > > # TCP and UDP port number > tcp-port = 443 > udp-port = 443 > > route = 0.0.0.0/0.0.0.0 Is your goal to have the server being the default route for the client? If yes, then the documented way to do that is to set "route = default" or removing all the routes. > On Debian 9 with ocserv Version 0.11.6 routing behavior is as expected: > - user connects > - ocserv creates a route pointing to the vpn device the user is assigned to > - after the user disconnects: the vpn route is removed > > creates a route pointing to the vpn device the user is assigned to > After upgrading to Debian 10 (current armbian with Kernel 5.7.15), > ocserv was upgraded to version 0.12.2. With the same configuration, the > routing behavior had changed to the following: > - user connects > - ocserv creates a route pointing to the vpn device the user is assigned to > - Strange: the default route changes to the hostname of the host ocserv > is running on What is this address? Is it part of the address range for ocserv? Does the issue go away by using the expected route notation? regards, Nikos _______________________________________________ openconnect-devel mailing list openconnect-devel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/openconnect-devel
