On Thu, Sep 17, 2020 at 10:15 PM <ocs...@plaga.de> wrote: > Hello Nikos, > > What is this address? Is it part of the address range for ocserv? Does > > the issue go away by using the expected route notation? > > My topology (Fritzbox is the router to my internet provider, > backuphostsr is the host running ocserv. ports 443 UDP/TCP are > portforwarded from the fritzbox to backuphostsr.): > > Fritzbox <--> Backuphostsr > 192.168.7.1 192.168.7.13 > Default Route: 192.168.7.1
> With 0.11.12, the setting of the default route remains stable (as set) > after a user connects to ocserv. The user gets an IP from the pool. > > Starting with ocserv 0.12.0: a user connects, and the route changes to > the following: > > Fritzbox <--> Backuphostsr > 192.168.7.1 192.168.7.13 > Default Route: 192.168.7.13 I suspect that default route here is the peer address you see on the clients right? ocserv sets as its IP the first network address of the one assigned. With 192.168.7.32/27 you should have 192.168.7.33 (is 13 a typo?) Most likely the behavior in 0.11.x is a bug, and it most likely accidental that it was working. If the first address in the network doesn't work as default route in your setup you may need to make the server ocserv runs on capable to route. regards, Nikos > > The host backuphostsr is assigned 192.168.7.13. Therefore the default > route points to the host itself. Changig the route notation does not > change anything. After the user disconnects, the correct default route > (192.168.7.1) is restored. > > > It is a strange behavior ... > > Regards > > Sven > > > > > > > > > regards, > > Nikos > > > > _______________________________________________ > > openconnect-devel mailing list > > openconnect-devel@lists.infradead.org > > http://lists.infradead.org/mailman/listinfo/openconnect-devel > > > > > _______________________________________________ > openconnect-devel mailing list > openconnect-devel@lists.infradead.org > http://lists.infradead.org/mailman/listinfo/openconnect-devel _______________________________________________ openconnect-devel mailing list openconnect-devel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/openconnect-devel
