vhost does not work as expected
Hello! vhosts are not working as expected. When I define a vhost, I cannot connect to it. I get the error "no networks are configured; rejecting client". But if I define the device directive in the vhost config, I can connect, but I get the warning "warning: device is ignored on **** virtual host".
Version of ocserv used:
ocserv 1.1.4
Compiled with: seccomp, oath, radius, gssapi, PAM, PKCS#11, AnyConnect
GnuTLS version: 3.7.6 (compiled with 3.7.3)
Client used:
Cisco AnyConnect
Distributor of ocserv:
EPEL
Logs when no device defined:
ocserv[7253]: main[vhost:xxxx.xxxx.xxxx: sinaa-test]:176.xxxx.xxxx.xxxx:2251 new user session
ocserv[7253]: main[vhost:xxxx.xxxx.xxxx: sinaa-test]:176.xxxx.xxxx.xxxx:2251 selected IP: 192.168.227.27
ocserv[7253]: main[vhost:xxxx.xxxx.xxxx: sinaa-test]:176.xxxx.xxxx.xxxx:2251 assigned IPv4: 192.168.227.27
ocserv[7253]: main[vhost:xxxx.xxxx.xxxx: sinaa-test]:176.xxxx.xxxx.xxxx:2251 assigning tun device vpns0
ocserv[7253]: main[vhost:xxxx.xxxx.xxxx: sinaa-test]:176.xxxx.xxxx.xxxx:2251 user of group 'vpn-rds-contractors' authenticated (using cookie)
ocserv[7259]: main[vhost:xxxx.xxxx.xxxx: sinaa-test]:176.xxxx.xxxx.xxxx:2251 executing script up /etc/ocserv/updown.sh
ocserv[7253]: main[vhost:xxxx.xxxx.xxxx: sinaa-test]:176.xxxx.xxxx.xxxx:2251 connect-script exit status: 0
ocserv[7253]: main[vhost:xxxx.xxxx.xxxx: sinaa-test]:176.xxxx.xxxx.xxxx:2251 sending (socket) message 2 to worker
ocserv[7253]: main[vhost:xxxx.xxxx.rxxxx: sinaa-test]:176.xxxx.xxxx.xxxx:2251 user logged in
ocserv[7258]: worker[vhost:xxxx.xxxx.xxxx: sinaa-test]: 176.xxxx.xxxx.xxxx worker-vpn.c:1899: no networks are configured; rejecting client
Logs when device defined:
ocserv[7269]: main[vhost:xxxx.xxxx.xxxx: sinaa-test]:176.xxxx.xxxx.xxxx:2283 new user session
ocserv[7269]: main[vhost:xxxx.xxxx.xxxx: sinaa-test]:176.xxxx.xxxx.xxxx:2283 selected IP: 192.168.227.27
ocserv[7269]: main[vhost:xxxx.xxxx.xxxx: sinaa-test]:176.xxxx.xxxx.xxxx:2283 assigned IPv4: 192.168.227.27
ocserv[7269]: main[vhost:xxxx.xxxx.xxxx: sinaa-test]:176.xxxx.xxxx.xxxx:2283 assigning tun device vpns0
ocserv[7269]: main[vhost:xxxx.xxxx.xxxx: sinaa-test]:176.xxxx.xxxx.xxxx:2283 user of group 'vpn-rds-contractors' authenticated (using cookie)
ocserv[7277]: main[vhost:xxxx.xxxx.xxxx: sinaa-test]:176.xxxx.xxxx.xxxx:2283 executing script up /etc/ocserv/updown.sh
ocserv[7269]: main[vhost:xxxx.xxxx.xxxx: sinaa-test]:176.xxxx.xxxx.xxxx:2283 connect-script exit status: 0
ocserv[7269]: main[vhost:xxxx.xxxx.xxxx: sinaa-test]:176.xxxx.xxxx.xxxx:2283 sending (socket) message 2 to worker
ocserv[7269]: main[vhost:xxxx.xxxx.xxxx: sinaa-test]:176.xxxx.xxxx.xxxx:2283 user logged in
vhost config:
[vhost:XXX.XXX.XXX]
auth = "radius[config=/etc/radcli/radiusclient.conf,nas-identifier=ocserv]"
acct = "radius[config=/etc/radcli/radiusclient.conf,nas-identifier=ocserv]"
server-cert = /etc/letsencrypt/live/XXXX/fullchain.pem
server-key = /etc/letsencrypt/live/XXXX/privkey.pem
#device = othr
ipv4-network = 192.168.226.0/23
dns = 10.239.13.99
dns = 10.239.3.10
dns = 10.239.3.11
split-dns = some.domain
default-group-config = /etc/ocserv/defaults/group.conf
config-per-group = /etc/ocserv/config-per-othr/
keepalive = 32400
dpd = 90
mobile-dpd = 1800
switch-to-tcp-timeout = 25
tls-priorities = "NORMAL:%SERVER_PRECEDENCE"
cookie-timeout = 300
#persistent-cookies = true
deny-roaming = false
rekey-time = 172800
rekey-method = ssl
predictable-ips = true
default-domain = some.domain