On Wed, Mar 30, 2016 at 09:56:02PM +0200, Gert Doering wrote: > On Tue, Mar 29, 2016 at 09:20:06AM +0200, Marc Haber wrote: > > However, the OpenVPN server does not seem to be able to listen on both > > UDP and TCP, and I need to run a second OpenVPN server to listen on > > TCP. This makes it impossible to assign the client that is now > > connected to the fallback TCP server instead of the default UDP server > > its normal IP addresses, which of course causes a truckload of issues > > with access lists and DNS. > > > > Is there a known and accepted workaround that will allow a client to > > connect via UDP today and TCP tomorrow while having its normal IP > > addresses assigned short of running a dedicated OpenVPN server for > > each such client and restarting it with the port changed if there is > > the need to do that? > > The "canonical" solution as of today is to use a --learn-address script > (which gets called by the openvpn process as soon as ifconfig-pool and > iroute processing is done) and set up routing on the linux side towards > the corresponding tun device for the "UDP server" or the "TCP server".
Wouldn't I need that script on both sides? Or only on the server? Is there some example code somewhere since it's the "canonical" solution? Greetings Marc -- ----------------------------------------------------------------------------- Marc Haber | "I don't trust Computers. They | Mailadresse im Header Leimen, Germany | lose things." Winona Ryder | Fon: *49 6224 1600402 Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421 ------------------------------------------------------------------------------ Transform Data into Opportunity. Accelerate data analysis in your applications with Intel Data Analytics Acceleration Library. Click to learn more. http://pubads.g.doubleclick.net/gampad/clk?id=278785471&iu=/4140 _______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
