From 3237fec72140f8cadb6ed8cfbfadbb4bb14d4554 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Mon, 23 Nov 2020 11:33:15 +0100 Subject: openvpn: T3074: fix site-2-site operation mode When rendering the configs "ifconfig" statement wrong IP addresses have been used for the "tun" operating mode. This has been corrected. --- data/templates/openvpn/server.conf.tmpl | 29 ++++++++++++++++++----------- 1 file changed, 18 insertions(+), 11 deletions(-) (limited to 'data/templates/openvpn/server.conf.tmpl') diff --git a/data/templates/openvpn/server.conf.tmpl b/data/templates/openvpn/server.conf.tmpl index ef1f235b0..a1daaa078 100644 --- a/data/templates/openvpn/server.conf.tmpl +++ b/data/templates/openvpn/server.conf.tmpl @@ -52,13 +52,14 @@ push "redirect-gateway def1" compress lzo {% endif %} -{% if 'client' in mode %} +{% if mode == 'client' %} # # OpenVPN Client mode # client nobind -{% elif 'server' in mode %} + +{% elif mode == 'server' %} # # OpenVPN Server mode # @@ -129,6 +130,7 @@ push "route-ipv6 {{ route6 }}" push "dhcp-option DNS6 {{ ns6 }}" {% endfor %} {% endif %} + {% else %} # # OpenVPN site-2-site mode @@ -136,19 +138,24 @@ push "dhcp-option DNS6 {{ ns6 }}" ping {{ keep_alive.interval }} ping-restart {{ keep_alive.failure_count }} -{% for laddr, laddr_conf in local_address.items() if laddr | is_ipv4 %} -{% if laddr_conf is defined and laddr_conf.subnet_mask is defined and laddr_conf.subnet_mask is not none %} +{% if device_type == 'tap' %} +{% for laddr, laddr_conf in local_address.items() if laddr | is_ipv4 %} +{% if laddr_conf is defined and laddr_conf.subnet_mask is defined and laddr_conf.subnet_mask is not none %} ifconfig {{ laddr }} {{ laddr_conf.subnet_mask }} -{% else %} -{% for raddr in remote_address %} -{% if raddr | is_ipv4 %} +{% endif %} +{% endfor %} +{% else %} +{% for laddr in local_address if laddr | is_ipv4 %} +{% for raddr in remote_address if raddr | is_ipv4 %} ifconfig {{ laddr }} {{ raddr }} -{% else %} +{% endfor %} +{% endfor %} +{% for laddr in local_address if laddr | is_ipv6 %} +{% for raddr in remote_address if raddr | is_ipv6 %} ifconfig-ipv6 {{ laddr }} {{ raddr }} -{% endif %} {% endfor %} -{% endif %} -{% endfor %} +{% endfor %} +{% endif %} {% endif %} {% if tls is defined and tls is not none %} -- cgit v1.2.3