OpenVPN Configuration: #Server's VPN Subnet.
This is the ninth in a series of posts, featuring Protips, tips, tricks, hacks, and secrets provided by Our Team 🙊 — We want to share our top tips for the growing and thriving Linux community out there. Because sometimes you need a little help...
This is a series of posts focusing on useful OpenVPN server configuration options such as: #the use of secure cryptographic algorithms; #client-to-client communication and so forth …
Ensure that all options are included and saved in your OpenVPN server configuration file. ie: /etc/openvpn/server.conf
🎧
To define the subnet for the VPN clients in the OpenVPN server configuration, you can use the "server
" directive followed by the IP address range and subnet mask.
This directive specifies the IP address pool from which the server will assign addresses to connecting VPN clients.
Add those lines to your configuration file:
# Server's VPN subnet
server 10.8.0.0 255.255.255.0
In this instance:
server
is the directive used to define the VPN subnet. It tells OpenVPN to set up a VPN subnet and handle IP address allocation for clients. It configures the OpenVPN server to manage the VPN’s internal network.10.8.0.0
is the starting IP address of the VPN subnet. It's a network address, not assigned to any specific client but represents the whole subnet. In this case, the subnet is 10.8.0.0/24, which means it's a private IP range used for the VPN.255.255.255.0
is the subnet mask, defining the size of the network. It specifies how many IP addresses are available within the subnet. 255.255.255.0 corresponds to a /24 subnet, providing up to 254 usable IP addresses (10.8.0.1 to 10.8.0.254) for VPN clients. This subnet is essentially a Class C network, designed to support up to 254 connected clients. Since this subnet is virtual and exists only within the VPN, it ensures that all clients are assigned unique private IP addresses, allowing for secure communication within the VPN.
You can adjust the IP address range and subnet mask according to your network requirements. Make sure that the chosen subnet does not conflict with any existing networks and that it provides enough IP addresses to accommodate the expected number of VPN clients.
We hope this was of great use!