per-user device name and local server's ip pin
Andrei Sergeev
batonxleba at gmail.com
Wed Apr 26 09:01:12 PDT 2023
Thanks for answer. Actually these questions was about ocserv, not about
openconnect...
Maybe it is wrong mailing list? Sorry, if so - I got it from
ocserv.gitlab.io.
On 26.04.2023 11:51, David Woodhouse wrote:
> On Wed, 2023-04-26 at 06:26 +0300, Andrei Sergeev wrote:
>> Hello.
>>
>> Could you please help me, I'm struggling with two problems:
>> 1. Is there any possibility to pin local device name on per-user basis?
>> For now it says "skipping unknown option 'device' " if i place it in
>> user config file.
> The options have the same name as the command line options, and that
> one is --interface. So "interface" in the config file.
>
>> 2. And the second question: is there any ability to set fixed server's
>> local side IP address for the tunnel interface?
>> Even if I, for example, will set up an ipv4-network = 192.168.0.1,
>> ipv4-netmask = 255.255.255.255 and explicit-ipv4 = 192.168.0.50 for user
>> - the ocserv instance gets an address 192.168.0.3 for his side, which
>> couldn't be predicted...
> That's not something the client can control, is it? The server actually
> has to *respond* to that address, surely? If you care at all; why does
> anyone care about the IP address that the server has on its end of the
> tunnel link anyway? If you want to communicate with the server itself,
> doesn't it have a canonical IP address on one of its physical networks?
> and if you want route through the server to anything beyond, nobody
> cares what the IP address of the server is...
>
> Knowing what you're trying to achieve with this would help to answer
> it.
More information about the openconnect-devel
mailing list