@@ -421,7 +421,7 @@ def test_openvpn_server_subnet_topology(self):
421421 # IP pool configuration
422422 netmask = IPv4Network (subnet ).netmask
423423 network = IPv4Network (subnet ).network_address
424- self .assertIn (f'server { network } { netmask } nopool ' , config )
424+ self .assertIn (f'server { network } { netmask } , config )
425425
426426 # Verify client
427427 client_config = read_file (client_config_file )
@@ -442,80 +442,6 @@ def test_openvpn_server_subnet_topology(self):
442442 interface = f'vtun{ ii }
443443 self .assertNotIn (interface , interfaces ())
444444
445- def test_openvpn_server_net30_topology (self ):
446- # Create OpenVPN server interfaces (net30) using different client
447- # subnets. Validate configuration afterwards.
448- auth_hash = 'sha256'
449- num_range = range (20 , 25 )
450- port = ''
451- for ii in num_range :
452- interface = f'vtun{ ii }
453- subnet = f'192.0.{ ii }
454- path = base_path + [interface ]
455- port = str (2000 + ii )
456-
457- self .cli_set (path + ['device-type' , 'tun' ])
458- self .cli_set (path + ['encryption' , 'cipher' , 'aes192' ])
459- self .cli_set (path + ['hash' , auth_hash ])
460- self .cli_set (path + ['mode' , 'server' ])
461- self .cli_set (path + ['local-port' , port ])
462- self .cli_set (path + ['server' , 'subnet' , subnet ])
463- self .cli_set (path + ['server' , 'topology' , 'net30' ])
464- self .cli_set (path + ['replace-default-route' ])
465- self .cli_set (path + ['keep-alive' , 'failure-count' , '10' ])
466- self .cli_set (path + ['keep-alive' , 'interval' , '5' ])
467- self .cli_set (path + ['tls' , 'ca-certificate' , 'ovpn_test' ])
468- self .cli_set (path + ['tls' , 'certificate' , 'ovpn_test' ])
469- self .cli_set (path + ['tls' , 'dh-params' , 'ovpn_test' ])
470- self .cli_set (path + ['vrf' , vrf_name ])
471-
472- self .cli_commit ()
473-
474- for ii in num_range :
475- interface = f'vtun{ ii }
476- subnet = f'192.0.{ ii }
477- start_addr = inc_ip (subnet , '4' )
478- stop_addr = dec_ip (last_host_address (subnet ), '1' )
479- port = str (2000 + ii )
480-
481- config_file = f'/run/openvpn/{ interface }
482- config = read_file (config_file )
483-
484- self .assertIn (f'dev { interface } , config )
485- self .assertIn (f'dev-type tun' , config )
486- self .assertIn (f'persist-key' , config )
487- self .assertIn (f'proto udp' , config ) # default protocol
488- self .assertIn (f'auth { auth_hash } , config )
489- self .assertIn (f'cipher AES-192-CBC' , config )
490- self .assertIn (f'topology net30' , config )
491- self .assertIn (f'lport { port } , config )
492- self .assertIn (f'push "redirect-gateway def1"' , config )
493- self .assertIn (f'keepalive 5 50' , config )
494-
495- # TLS options
496- self .assertIn (f'ca /run/openvpn/{ interface } , config )
497- self .assertIn (f'cert /run/openvpn/{ interface } , config )
498- self .assertIn (f'key /run/openvpn/{ interface } , config )
499- self .assertIn (f'dh /run/openvpn/{ interface } , config )
500-
501- # IP pool configuration
502- netmask = IPv4Network (subnet ).netmask
503- network = IPv4Network (subnet ).network_address
504- self .assertIn (f'server { network } { netmask } , config )
505- self .assertIn (f'ifconfig-pool { start_addr } { stop_addr } , config )
506-
507- self .assertTrue (process_named_running (PROCESS_NAME ))
508- self .assertEqual (get_vrf (interface ), vrf_name )
509- self .assertIn (interface , interfaces ())
510-
511- # check that no interface remained after deleting them
512- self .cli_delete (base_path )
513- self .cli_commit ()
514-
515- for ii in num_range :
516- interface = f'vtun{ ii }
517- self .assertNotIn (interface , interfaces ())
518-
519445 def test_openvpn_site2site_verify (self ):
520446 # Create one OpenVPN site2site interface and check required
521447 # verify() stages
0 commit comments