diff options
| author | Christian Breunig <christian@breunig.cc> | 2024-01-06 22:23:21 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-01-06 22:23:21 +0100 |
| commit | de5ca2100d6bd45d3e6d522510aec1e7af8f0599 (patch) | |
| tree | 926ad9ad2de0f14b18759a6b3b2f62e1c4dac0b7 /data/templates | |
| parent | 4aea0c4c9ef90b7156b05428ded4d41d21ad8589 (diff) | |
| parent | 7e4d6896b2e1b84837ac07488f518627405270eb (diff) | |
| download | vyos-1x-de5ca2100d6bd45d3e6d522510aec1e7af8f0599.tar.gz vyos-1x-de5ca2100d6bd45d3e6d522510aec1e7af8f0599.zip | |
Merge pull request #2763 from vyos/mergify/bp/sagitta/pr-1637
openvpn: T3214: fix server-ipv6 and nopool handling (backport #1637)
Diffstat (limited to 'data/templates')
| -rw-r--r-- | data/templates/openvpn/server.conf.j2 | 11 |
1 files changed, 1 insertions, 10 deletions
diff --git a/data/templates/openvpn/server.conf.j2 b/data/templates/openvpn/server.conf.j2 index b9dfe23ad..64c8e8086 100644 --- a/data/templates/openvpn/server.conf.j2 +++ b/data/templates/openvpn/server.conf.j2 @@ -74,7 +74,7 @@ topology {{ server.topology }} {% endif %} {% for subnet in server.subnet %} {% if subnet | is_ipv4 %} -server {{ subnet | address_from_cidr }} {{ subnet | netmask_from_cidr }} nopool +server {{ subnet | address_from_cidr }} {{ subnet | netmask_from_cidr }} {{ 'nopool' if server.client_ip_pool is vyos_defined and server.client_ip_pool.disable is not vyos_defined else '' }} {# First ip address is used as gateway. It's allows to use metrics #} {% if server.push_route is vyos_defined %} {% for route, route_config in server.push_route.items() %} @@ -85,15 +85,6 @@ push "route-ipv6 {{ route }}" {% endif %} {% endfor %} {% endif %} -{# OpenVPN assigns the first IP address to its local interface so the pool used #} -{# in net30 topology - where each client receives a /30 must start from the second subnet #} -{% if server.topology is vyos_defined('net30') %} -ifconfig-pool {{ subnet | inc_ip('4') }} {{ subnet | last_host_address | dec_ip('1') }} {{ subnet | netmask_from_cidr if device_type == 'tap' else '' }} -{% else %} -{# OpenVPN assigns the first IP address to its local interface so the pool must #} -{# start from the second address and end on the last address #} -ifconfig-pool {{ subnet | first_host_address | inc_ip('1') }} {{ subnet | last_host_address | dec_ip('1') }} {{ subnet | netmask_from_cidr if device_type == 'tun' else '' }} -{% endif %} {% elif subnet | is_ipv6 %} server-ipv6 {{ subnet }} {% endif %} |