diff options
author | Christian Poessinger <christian@poessinger.com> | 2020-11-23 11:33:15 +0100 |
---|---|---|
committer | Christian Poessinger <christian@poessinger.com> | 2020-11-23 11:45:12 +0100 |
commit | 3237fec72140f8cadb6ed8cfbfadbb4bb14d4554 (patch) | |
tree | 6f74650a970224062141b2dee42f4e94843a9fc5 /data | |
parent | 4cba45c00c7d31bf71a6fb4b3cf9fabea4bb285a (diff) | |
download | vyos-1x-3237fec72140f8cadb6ed8cfbfadbb4bb14d4554.tar.gz vyos-1x-3237fec72140f8cadb6ed8cfbfadbb4bb14d4554.zip |
openvpn: T3074: fix site-2-site operation mode
When rendering the configs "ifconfig" statement wrong IP addresses have been
used for the "tun" operating mode. This has been corrected.
Diffstat (limited to 'data')
-rw-r--r-- | data/templates/openvpn/server.conf.tmpl | 29 |
1 files changed, 18 insertions, 11 deletions
diff --git a/data/templates/openvpn/server.conf.tmpl b/data/templates/openvpn/server.conf.tmpl index ef1f235b0..a1daaa078 100644 --- a/data/templates/openvpn/server.conf.tmpl +++ b/data/templates/openvpn/server.conf.tmpl @@ -52,13 +52,14 @@ push "redirect-gateway def1" compress lzo {% endif %} -{% if 'client' in mode %} +{% if mode == 'client' %} # # OpenVPN Client mode # client nobind -{% elif 'server' in mode %} + +{% elif mode == 'server' %} # # OpenVPN Server mode # @@ -129,6 +130,7 @@ push "route-ipv6 {{ route6 }}" push "dhcp-option DNS6 {{ ns6 }}" {% endfor %} {% endif %} + {% else %} # # OpenVPN site-2-site mode @@ -136,19 +138,24 @@ push "dhcp-option DNS6 {{ ns6 }}" ping {{ keep_alive.interval }} ping-restart {{ keep_alive.failure_count }} -{% for laddr, laddr_conf in local_address.items() if laddr | is_ipv4 %} -{% if laddr_conf is defined and laddr_conf.subnet_mask is defined and laddr_conf.subnet_mask is not none %} +{% if device_type == 'tap' %} +{% for laddr, laddr_conf in local_address.items() if laddr | is_ipv4 %} +{% if laddr_conf is defined and laddr_conf.subnet_mask is defined and laddr_conf.subnet_mask is not none %} ifconfig {{ laddr }} {{ laddr_conf.subnet_mask }} -{% else %} -{% for raddr in remote_address %} -{% if raddr | is_ipv4 %} +{% endif %} +{% endfor %} +{% else %} +{% for laddr in local_address if laddr | is_ipv4 %} +{% for raddr in remote_address if raddr | is_ipv4 %} ifconfig {{ laddr }} {{ raddr }} -{% else %} +{% endfor %} +{% endfor %} +{% for laddr in local_address if laddr | is_ipv6 %} +{% for raddr in remote_address if raddr | is_ipv6 %} ifconfig-ipv6 {{ laddr }} {{ raddr }} -{% endif %} {% endfor %} -{% endif %} -{% endfor %} +{% endfor %} +{% endif %} {% endif %} {% if tls is defined and tls is not none %} |