Creating a secure BMS system for your customers: Part 5, Client Configuration Directory; CCD

On windows this is a relative path from the location of the server config; C:\Program Files\OpenVPN\log\config\ccd. There are files here with contents that look like this;

iroute 10.105.101.0 255.255.255.0
ifconfig-push 10.8.0.11 255.255.255.0

The first line is covered by this article and helps the server get the information to the right VPN client / BMS router. This will contain the IP network that is on that network and the network mask for that network.

The second line assigns this particular VPN client a static VPN IP address, and VPN network mask.

There must be one of these files for every BMS VPN connecting to the server. The file name must match the connecting client common name exactly.

It seems like a long road to get here but we now have the OpenVPN app in place with a server configuration file, necessary crypto keys in place and CCD files to assist connecting clients. The OpenVPN server should start successfully with the bottom of the server log file saying

Initialization Sequence Completed