Add rout open vpn client



  • Hello guys,
    Where I work all my network was already closed VPN with Mikrotik and this week I installed Pfsense as Firewall.
    I made Pfsense routing with the Mikrotiks from the company branches without problem on the lan network.
    I would like to know how I could add put the routing below into the Mikrotik open vpn client.
    Route add 10.0.30.0 MASK 255.255.255.0 10.0.0.16 -p


  • LAYER 8 Netgate

    Not even close to enough information?

    What is the OpenVPN Server?

    What kind of server is it? SSL/TLS or Shared Key?

    What is 10.0.0.16?



  • Hello, Derelict
    I will detail my scenario better, today in my environment all companies are interconnected by VPN through Mikrotik.
    The previous IT person configured as follows:
    Headquarters 10.0.0.0
    Branch 1 192.168.1.0
    Branch 2 10.0.20.0
    All the servers are in the head office that has the band 10.0.0.0
    For instance, for branch 2 to be able to access the head office servers on each server, the route "Route add 10.0.20.0 MASK 255.255.255.0 10.0.0.16 -p"
    This IP 10.0.0.16 is the IP of Mikrotik.
    So during that week I installed Pfsense in the company and did the routing and in the LAN I am able to see all the networks.
    We have some vendors who need to access our server, so I configured PFsense as an OpenVPN server.
    I configured it as Remote Access (SSL / TLS + User + Auth)
    IPV4 Tunnel 10.17.0.0/24
    IPV4 local network 10.0.0.0/24

    When I install the OPENVPN application on the client it connects to the server normally on the 10.0.0.0 network, but in the openvpn client I can not reach the 10.0.20.0 or 192.168.1.0 networks.
    In OPENVPN in "Custom Options" I added the push "route 10.0.20.0 255.255.255.0" and I can not access that network.

    Do you have any tips to solve this problem?


  • LAYER 8 Netgate

    If you are not using redirect gateway on the remote access server you need to add the 10.0.20.0 and 192.168.1.0 networks to the Local Networks on the Remote Access OpenVPN server.

    You also need to make sure those branches know how to route back to 10.17.0.0/24

    You need to make sure all firewall rules pass the necessary traffic.


Log in to reply