Hi, On Sat, Jan 10, 2015 at 07:43:42PM +0100, Chris wrote: > On 01/10/2015 07:32 PM, Gert Doering wrote: > > (A slightly more detailed answer would require a slighly more > > detailed question - tun or tap mode, what exactly do you want to > > achieve, how is the client identified, ...) > > sorry, it's tun mode, the client is identified by Certificate Common > Name at the moment but I'm going to use username / password probably in > future. > > I want to log source / destination IPs with iptables.
--ifconfig-pool-persist ipp.txt
will ensure that the same client will always get the same address, but
you can't specify in advance *which one* it will be (have to look it up
in the ipp.txt file)
--client-config-dir + --ifconfig-push
will let you assign a IP address of your choice to a given client
(while technically the client is free to ignore that address and pick
anything, this is what the server will route to this client, so effectively,
it's forcing the address)
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany [email protected]
fax: +49-89-35655025 [email protected]
pgpCbyX51jQdY.pgp
Description: PGP signature
------------------------------------------------------------------------------ Dive into the World of Parallel Programming! The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net
_______________________________________________ Openvpn-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openvpn-users
