summaryrefslogtreecommitdiff
path: root/data/templates/openvpn/server.conf.tmpl
diff options
context:
space:
mode:
authorDaniil Baturin <daniil@vyos.io>2022-05-01 08:00:52 -0400
committerDaniil Baturin <daniil@vyos.io>2022-05-01 08:00:52 -0400
commitf64b7cb6e6c9e80912daed095a90a4fd2581c79f (patch)
tree5717f287e4d414682805d6fda31ebae5e484f999 /data/templates/openvpn/server.conf.tmpl
parentc9e362224a7209e78dcff989861f5c2b2be7bdad (diff)
downloadvyos-1x-f64b7cb6e6c9e80912daed095a90a4fd2581c79f.tar.gz
vyos-1x-f64b7cb6e6c9e80912daed095a90a4fd2581c79f.zip
T4402: fix ifconfig-pool generation logic
Diffstat (limited to 'data/templates/openvpn/server.conf.tmpl')
-rw-r--r--data/templates/openvpn/server.conf.tmpl9
1 files changed, 6 insertions, 3 deletions
diff --git a/data/templates/openvpn/server.conf.tmpl b/data/templates/openvpn/server.conf.tmpl
index 75aae2981..627068b3e 100644
--- a/data/templates/openvpn/server.conf.tmpl
+++ b/data/templates/openvpn/server.conf.tmpl
@@ -82,15 +82,18 @@ push "route-ipv6 {{ route }}"
{% endif %}
{% endfor %}
{% endif %}
+
+{% if server.client_ip_pool is not defined %}
{# OpenVPN assigns the first IP address to its local interface so the pool used #}
{# in net30 topology - where each client receives a /30 must start from the second subnet #}
{% if server.topology is defined and server.topology == 'net30' %}
-ifconfig-pool {{ subnet | inc_ip('4') }} {{ subnet | last_host_address | dec_ip('1') }} {{ subnet | netmask_from_cidr if device_type == 'tap' else '' }}
+ifconfig-pool {{ subnet | inc_ip('4') }} {{ subnet | last_host_address | dec_ip('1') }} {% if device_type == 'tap' %} {{ subnet | netmask_from_cidr }} {% endif %}
{% else %}
{# OpenVPN assigns the first IP address to its local interface so the pool must #}
{# start from the second address and end on the last address #}
-ifconfig-pool {{ subnet | first_host_address | inc_ip('1') }} {{ subnet | last_host_address | dec_ip('1') }} {{ subnet | netmask_from_cidr if device_type == 'tun' else '' }}
+ifconfig-pool {{ subnet | first_host_address | inc_ip('1') }} {{ subnet | last_host_address | dec_ip('1') }} {% if device_type == 'tap' %} {{ subnet | netmask_from_cidr }} {% endif %}
{% endif %}
+{% endif %}
{% elif subnet | is_ipv6 %}
server-ipv6 {{ subnet }}
{% endif %}
@@ -98,7 +101,7 @@ server-ipv6 {{ subnet }}
{% endif %}
{% if server.client_ip_pool is defined and server.client_ip_pool is not none and server.client_ip_pool.disable is not defined %}
-ifconfig-pool {{ server.client_ip_pool.start }} {{ server.client_ip_pool.stop }}{{ server.client_ip_pool.subnet_mask if server.client_ip_pool.subnet_mask is defined and server.client_ip_pool.subnet_mask is not none }}
+ifconfig-pool {{ server.client_ip_pool.start }} {{ server.client_ip_pool.stop }} {{ server.client_ip_pool.subnet_mask if server.client_ip_pool.subnet_mask is defined and server.client_ip_pool.subnet_mask is not none and device_type == 'tap' }}
{% endif %}
{% if server.max_connections is defined and server.max_connections is not none %}
max-clients {{ server.max_connections }}