I have set up an OpenVPN between two IPFire hosts; the server has a static public IP, the client a dynamic one.
When the client changes IP, the VPN is broken.
I thought that “Remote host/IP” in the server configuration was not essential, given that it is not flagged *, but it seems that if the value is not correct, the VPN will not be established.
@gian If I understand this, a client 192.168.1.10 connects to VPN server a.a.a.a. Connection successful.
Later, the client changes IP to 192.168.1.20, tries to connect to VPN server a.a.a.a but fails?
This scenario sounds like, I go to a coffee shop, get a public ip, vpn to the office, works. Then, I go to another coffee shop, get another public ip, vpn to the office, does not work. It could happen if the second coffee shop blocks vpn traffic.
Hi tphz,
Both screenshots show completely different instances of IPFire. The first one is the Roadwarrior instance (net30 topology), the second is Net-to-Net (P2MP topology). The two instances cannot work with one another because of the instance differences.
Here → wiki.ipfire.org - OpenVPN Configuration you can find explanations for both configuration possibilities. Or on YouTube for RW → IPFire Openvpn roadwarrior - YouTube and N2N → IPFire OpenVPN Net-to-Net - YouTube, sadly in German, but maybe the screen can also give you some ideas of what you can do.
The server will reply to ping from the client, given that the server address is known, whereas the server can’t ping the client if the service provider has changed IP, because this one will be unknown.
For Site2Site, use dynamic DNS on the remote machine, that is. Use a dynamic DNS service on that IPFire box; under Services they have multiple to choose from. Then use that name in the field for the VPN setup instead of the IP. PS: not sure it was fixed in the last two releases, as the client side was broken and I had to use the 157 release to get the certs to import correctly.