[OpenVPN]解決 TCP/UDP: Incoming packet rejected from XXX([OpenVPN] Resolved TCP / UDP: Incoming packet rejected from XXX)

問題

---

TCP/UDP: Incoming packet rejected from 192.168.4.254:5000, expected peer address: 192.168.9.254:5000 (allow this incoming source address/port by removing --remote or adding --float)





解決方法

---

config加入一行'float'

說明如下:
Allow remote peer to change its IP address and/or port number, such as due to DHCP (this is the default if --remote is not used). --float when specified with --remote allows an OpenVPN session to initially connect to a peer at a known address, however if packets arrive from a new address and pass all authentication tests, the new address will take control of the session. This is useful when you are connecting to a peer which holds a dynamic address such as a dial-in user or DHCP client.

Essentially, --float tells OpenVPN to accept authenticated packets from any address, not only the address which was specified in the --remote option.

https://openvpn.net/index.php/open-source/documentation/manuals/65-openvpn-20x-manpage.html