On Mon, Feb 9, 2015 at 5:36 PM, David Woodhouse <dwmw2 at infradead.org> wrote: > You only need *one* internal IP address, and you can use that as the > local IP address on all the tunnels. > Perhaps you could use the external IP address of the server, but maybe > it's best to use something that the clients can route to *through* the > VPN. That would have to require additional configuration options. Thus, I've now applied Kevin's patch, and if addresses that are not managed by ocserv (i.e., explicit) are used, then only odd address will be accepted and the next even will be used as the local address. regards, Nikos
