Static Routes without Gateways
-
It would be really useful to be able to define static routes without providing a gateway, such as OpenVPN without pushed routes.
-
What???
Route and gateway belongs to each other. Where will you routing a traffic to??
Probably to a device by specifying a destination IP. So that IP is your gateway which you have to define first on pfSense. -
You cannot specify an OpenVPN device as gateway device; the ovpnc devices are not listed, only LAN, WAN, and other ethernet interfaces. Thus, gateway monitoring does not work and the route is not accepted.
-
OpenVPN routing should be configured in the OpenVPN settings. Use the "Remote Network/s" box to enter the networks you want to route over the respective VPN.
If you want to route traffic over a OpenVPN client, assign an interface to the client instance. Interfaces > Assignments.
At "Available network ports" select the client instance (e.g. ovpnc1), hit Add, open the settings of the new interface, check Enable and set a proper name. No further configuration to make here!
If you have done that pfSense also add a virtual gateway to the vpn connection which can be used in firewall rules for policy routing or also for gateway monitoring.But do not add static route to a vpn gateway! That's not recommended. As mentioned above, that is to be done in the OpenVPN settings.