OpenVPN 客户端请求 255.255.255.252 子网，服务器拒绝 /29 以下的任何内容

我已经设置了一个 OpenVPN 服务器，其网络设置如下：

topology subnet
server 192.168.123.0 255.255.255.0
push "dhcp-option DNS 192.168.123.1"      # DNS to server VPN IP
push "route 192.168.2.0 255.255.255.0"    # Workstations addresses via VPN
keepalive 10 120

所以：

• 192.168.2.* = 公司局域网
• 192.168.123.* = VPN 局域网

Linux 客户端能够连接，但 Windows 7 系统失败并出现以下错误：

您选择的 --ifconfig 端点 [local=192.168.123.2, remote=255.255.255.248] 存在问题。本地和远程 VPN 端点必须存在于同一个 255.255.255.252 子网内。这是与 TAP-WIN32 驱动程序一起使用时 --dev tun 的限制。尝试“openvpn --show-valid-subnets”...

这是连接初始化时的完整输出：

Thu Jul 01 09:36:55 2010 [server.FOOBAR] Peer Connection Initiated with 84.80.YYY.ZZZ
Thu Jul 01 09:36:56 2010 SENT CONTROL [server.FOOBAR]: 'PUSH_REQUEST' (status=1)
Thu Jul 01 09:36:56 2010 PUSH: Received control message: 'PUSH_REPLY,route 192.168.2.0 255.255.255.252,dhcp-option DNS 192.168.123.1,route-gateway 192.168.123.1,topology subnet,ping 10,ping-restart 120,ifconfig 192.168.123.2 255.255.255.248'
Thu Jul 01 09:36:56 2010 Options error: Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:4: topology (2.0.9)
Thu Jul 01 09:36:56 2010 OPTIONS IMPORT: timers and/or timeouts modified
Thu Jul 01 09:36:56 2010 OPTIONS IMPORT: --ifconfig/up options modified
Thu Jul 01 09:36:56 2010 OPTIONS IMPORT: route options modified< al>Thu Jul 01 09:36:56 2010 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Thu Jul 01 09:36:56 2010 WARNING: Since you are using --dev tun, the second argument to --ifconfig must be an IP address.  You are using something (255.255.255.
248) that looks more like a netmask. (silence this warning with --ifconfig-nowarn)
Thu Jul 01 09:36:56 2010 There is a problem in your selection of --ifconfig endpoints [local=192.168.123.2, remote=255.255.255.248].  The local and remote VPN endpoints must exist within the same 255.255.255.252 subnet.  This is a limitation of --dev tun when used with the TAP-WIN32 driver.  Try 'openvpn --show-valid-subnets' ....

任何尝试将服务器设置更改为 252 范围都会导致以下错误：

选项错误：--server 指令与 --dev tun 一起使用时必须定义 255.255.255.248 (/29) 或更低的子网

我需要设置哪些服务器设置才能使此客户端连接？服务器运行 OpenVPN 2.1.1，Windows 7 客户端运行 OpenVPN 2.0.9（最新稳定版本http://openvpn.se）

---

@Evan：这是我的客户端配置，不太令人兴奋：

client
dev tun

proto tcp
remote 84.80.203.199 1194
resolv-retry 2
nobind

# Server keys
ca SERVER-ca.crt
tls-auth SERVER-ta.key 1

# Client key
cert SOMEONE.crt
key SOMEONE.key

# Server settings to copy
comp-lzo

# Downgrade privileges after initialization (non-Windows only)
user nobody
group guest

# Try to preserve some state across restarts.
persist-key
persist-tun

# Verify server
ns-cert-type server

verb 3

;cipher x
;mute 20
;mute-replay-warnings