Back route of second OpenVPN connection not added
-
I have two pfSense boxes, connected by OpenVPN in p2p mode. The server has several WANs and two of them have OpenVPN servers configured.
The first VPN has a virtual tunnel network of 192.168.27.0/24 and the second has 192.168.29.0/24.
The remote box also has two appropriate clients configured.
The remote (client's) network is 192.168.33.0/24. If I connect both clients or only one client, I see only one route back to the client:
$ netstat -r -4 | grep 33.0
192.168.33.0/24 192.168.27.2 UGS ovpns4
i.e. the route via 192.168.29.0/24 is not added.
Why and how to force it?
-
P.S. If I go to the server and manually issue the command
$ route change -net 192.168.33.0/24 192.168.29.4
where 192.168.29.4 is the address the client got in the connection, the back routing starts to work. But I can't automate it because I don't know which address the client will get, and I also don't understand why I can't have two routes to the same network simultaneously.
-
@dimskraft
What's the sense of having two VPNs between the same two routers? A failover in case that one WAN goes down?
If so, that's the wrong approach. Connection failover can be realized with gateway groups.
-
@viragomann I don't think gateway groups help here, since "client" has only one WAN
also the question is not about approach
-
@dimskraft said in Back route of second OpenVPN connection not added:
I don't think gateway groups help here, since "client" has only one WAN
The gateway group should include the OpenVPN gateways, and there should be two of them as well in the client.