openvpn: after changing to server mode, client does not create TUN device
Solution 1:
In the client config use:
client
A helper directive designed to simplify the configuration of OpenVPN's client mode. This directive is equivalent to:
pull tls-client
In the server config:
server 10.8.117.0 255.255.255.0
expands to
mode server
tls-server
ifconfig 10.8.117.1 10.8.0.2
ifconfig-pool 10.8.117.4 10.8.117.251
route 10.8.117.0 255.255.255.0
A helper directive designed to simplify the configuration of OpenVPN's server mode. This directive will set up an OpenVPN server which will allocate addresses to clients out of the given network/netmask. The server itself will take the ".1" address of the given network for use as the server-side endpoint of the local TUN/TAP interface.
For example, --server 10.8.0.0 255.255.255.0 expands as follows:
mode server tls-server if dev tun: ifconfig 10.8.0.1 10.8.0.2 ifconfig-pool 10.8.0.4 10.8.0.251 route 10.8.0.0 255.255.255.0 if client-to-client: push "route 10.8.0.0 255.255.255.0" else push "route 10.8.0.1" if dev tap: ifconfig 10.8.0.1 255.255.255.0 ifconfig-pool 10.8.0.2 10.8.0.254 255.255.255.0 push "route-gateway 10.8.0.1"
So the explicit tls-server
is not required.