Client Specific Override Routing Issue
-
Summary – Having an issue connecting to ANY subnet that is not part of my client specific override subnet of 192.168.6.0/30
I'm running the LATEST pfSense version of 2.3.1-RELEASE-p5 as of 07/02/16
OpenVPN Server
Tunnel Network - 192.168.5.0/24
Custom Options
push "route 192.168.5.0 255.255.255.0";
push "route 192.168.11.0 255.255.255.0";
When connecting with a user that is not part of a client specific override I have absolutely no issue getting to 192.168.11.0/24.
Client Specific Override
Tunnel Network - 192.168.6.0/30
Advanced
push "route 192.168.6.0 255.255.255.252";
push "route 192.168.11.0 255.255.255.0";
I see that there are routes for 192.168.5.0/24 when I run a netstat -rn on the pfSense shell, but there are NO routes for 192.168.6.0/30
192.168.5.0/24 192.168.5.2 UGS ovpns1
192.168.5.1 link#8 UHS lo0
192.168.5.2 link#8 UH ovpns1
Any ideas here?? Please also keep in mind I have all corresponding firewall rules. I even opened them up completely in the OPENVPN interface tab of the firewall rules.
-
Disregard!! This doc fixed it =]
https://secure-computing.net/wiki/index.php/OpenVPN/Routing
I added an additional line into my OpenVPN server config "Custom options" and modified "Advanced" under client specific overrides
<< = removed
>> = added
OpenVPN server "Custom options"
push "route 192.168.5.0 255.255.255.0";
push "route 192.168.11.0 255.255.255.0";
>> route 192.168.6.0 255.255.255.252
Client Specific Override "Advanced"
<< push "route 192.168.6.0 255.255.255.252";
<< push "route 192.168.11.0 255.255.255.0";
>> iroute 192.168.6.0 255.255.255.252
After I did this, I now see the following when running netstat -rn
192.168.5.0/24 192.168.5.2 UGS ovpns1
192.168.5.1 link#8 UHS lo0
192.168.5.2 link#8 UH ovpns1
192.168.6.0/30 192.168.5.2 UGS ovpns1
Everything works perfectly now =]
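
An added example, not part of the original posts: a small Python check for the route/iroute pairing the fix above relies on. It reports every iroute in a client specific override that has no covering kernel route in the server options or tunnel network. The client name "client1" and the function names are assumptions made for illustration; the option strings are the ones quoted in the thread.

```python
import ipaddress
import re

# "route NET MASK" / "iroute NET MASK" as a bare directive. Lines that begin
# with push "route ..." do not match, because they only affect the client.
DIRECTIVE = re.compile(r'^(route|iroute)\s+(\S+)\s+(\S+)$')

def parse_options(text):
    """Split ';' or newline separated options into (directive, network) pairs."""
    found = []
    for raw in re.split(r'[;\n]', text):
        m = DIRECTIVE.match(raw.strip())
        if m:
            net = ipaddress.ip_network(f"{m.group(2)}/{m.group(3)}", strict=False)
            found.append((m.group(1), net))
    return found

def missing_kernel_routes(tunnel_network, server_options, overrides):
    """Return (client, network) for each iroute with no covering kernel route."""
    # The tunnel network itself is always routed to the tun interface.
    covered = [ipaddress.ip_network(tunnel_network)]
    covered += [n for d, n in parse_options(server_options) if d == "route"]
    missing = []
    for client, options in overrides.items():
        for d, net in parse_options(options):
            if d == "iroute" and not any(net.subnet_of(c) for c in covered):
                missing.append((client, str(net)))
    return missing

# Option strings from the thread; "client1" is a constructed client name.
SERVER_BEFORE = ('push "route 192.168.5.0 255.255.255.0"; '
                 'push "route 192.168.11.0 255.255.255.0";')
SERVER_AFTER = SERVER_BEFORE + ' route 192.168.6.0 255.255.255.252'
OVERRIDES = {"client1": "iroute 192.168.6.0 255.255.255.252"}

if __name__ == "__main__":
    for label, opts in (("before", SERVER_BEFORE), ("after", SERVER_AFTER)):
        print(label, missing_kernel_routes("192.168.5.0/24", opts, OVERRIDES))
```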