0

I'm trying to get an iPhone to connect to my VPN server. I have it working for two phones but a third fails with the following in the iOS client:

[Sep 05, 2023, 22:36:00] EVENT: ASSIGN_IP

[Sep 05, 2023, 22:36:00] NIP: preparing TUN network settings

[Sep 05, 2023, 22:36:00] NIP: init TUN network settings with endpoint: MY_IP_ADDRESS

[Sep 05, 2023, 22:36:00] Client exception in transport_recv: tun_prop_error: ifconfig addresses are not in the same /30 subnet (topology net30)

[Sep 05, 2023, 22:36:00]

I cannot figure how it's possible for one phone to hit this but not all phones. All the phones are on the same network. The subset I'm using appears to not conflict with anything.

Improve this question
5
  • how many concurrent connecttions do you have? the tunnel is /30, so it only has room for two endpoints, 1 client and 1 endpoint.
    – Frank Thomas
    Commented Sep 6, 2023 at 6:30
  • Zero concurrent connections. Perhaps I should increase the number of maximum concurrent connections?
    – User7391
    Commented Sep 6, 2023 at 11:39
  • so did you configure your tunnel to use the same IP that the interface uses for LAN communication (MY_IP_ADDRESS from the output above)? the tunnel IP addresses should NOT be in the same network as the LAN. for instance if my LAN is on 192.168.1.0/24, my tunnel should be on another network like 10.254.2.3/30 <-->10.254.2.2/30.
    – Frank Thomas
    Commented Sep 6, 2023 at 18:19
  • Thanks for the great question. My network is 192.168.2.x so I set the vpn to assign addresses with 192.168.3.x. That should be sufficient, right?
    – User7391
    Commented Sep 6, 2023 at 22:43
  • OpenVPN creates a tunnel between two networks, so there are 3 total networks, 'left' (192.68.2.x/24), 'tunnel' (?.?.?.?/30), and 'right' (192.168.3.x/24). the tunnel network is usually a /30 mask, because it provides exactly two host IPs, one for each end of the tunnel. the left and right networks are usually larger (like /24). it sounds like you have configured it to use an address from the left or right network as an endpoint in the tunnel network.
    – Frank Thomas
    Commented Sep 6, 2023 at 23:53

0

Reset to default

You must log in to answer this question.

Browse other questions tagged .