Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Add route to a Client OpenVPN

    Scheduled Pinned Locked Moved OpenVPN
    5 Posts 2 Posters 46.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      djmime
      last edited by

      Hi I need to add moor then 2 routes to a client VPN
      is there a way to do that
      I need to add route to the following networks
      172.16.10.0/24
      192.168.0.0/24
      172.16.11.0/24
      I can add only one additional route to the client
      when I try to add the second I get an error on the client
      push route mast be a valid subnet
      thanks Daniel

      1 Reply Last reply Reply Quote 0
      • P
        phil.davis
        last edited by

        The server needs to know about the subnets available at the client end. So you can do either one of:
        a) Tell the server about it directly - on the server config, put the first subnet in the "Remote Network" field and then in Advanced put:

        route 192.168.0.0 255.255.255.0;route 172.16.11.0 255.255.255.0

        or
        b) Push the routes to the server from the client - on the client config, put the first subnet in the "Local Network" field and then in Advanced put:

        push "route 192.168.0.0 255.255.255.0";push "route 172.16.11.0 255.255.255.0"

        I am assuming that both the server and client are pfSense, if not then pick whichever of option (a) or (b) is pfSense.
        Remember to add firewall rules to permit the traffic that you want to allow across the OpenVPN to and from the networks.

        As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
        If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

        1 Reply Last reply Reply Quote 0
        • D
          djmime
          last edited by

          Hi
          I have added the routes on the client specific overrides
          two routes but I am getting only one
          1 push "route 172.16.11.0 255.255.255.0"
          2 push "route 172.16.10.0 255.255.255.0"
          I can see that I have a route for 172.16.10.0 network
          and the default that is configured on the server 192.168.2.0 network
          cant see the other routes that I have added
          thanks Daniel

          1 Reply Last reply Reply Quote 0
          • P
            phil.davis
            last edited by

            My first post above is around the wrong way (you want to add routes for subnets reachable at the server end, to the client end), but you have worked that out. The principle is still there, just needs the 'push "route…"' and 'route...' swapping around a bit.

            In the Advanced section, make sure you separate the 2 push commands with a semicolon. And do not put any new lines in, do not even put a ";" at the end:

            push "route 172.16.11.0 255.255.255.0";push "route 172.16.10.0 255.255.255.0"

            Hopefully the issue is just the syntax in the Advanced box.

            As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
            If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

            1 Reply Last reply Reply Quote 0
            • D
              djmime
              last edited by

              Hi
              thanks for the help
              i have to say that now the client is getting the routes that i have added this morning
              without any changes
              just added this line
              push "route 172.16.10.0 255.255.255.0";push "route 172.16.11.0 255.255.255.0"
              up until know the route wont work for some reason
              thanks for the help  Daniel :)

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.