Static Routes without Gateways

  • It would be really useful to be able to define static routes without providing a gateway, such as OpenVPN without pushed routes.

  • What??? 🤔

    Route and gateway belongs to each other. Where will you routing a traffic to??
    Probably to a device by specifying a destination IP. So that IP is your gateway which you have to define first on pfSense.

  • You cannot specify an OpenVPN device as gateway device; the ovpnc devices are not listed, only LAN, WAN, and other ethernet interfaces. Thus, gateway monitoring does not work and the route is not accepted.

  • OpenVPN routing should be configured in the OpenVPN settings. Use the "Remote Network/s" box to enter the networks you want to route over the respective VPN.

    If you want to route traffic over a OpenVPN client, assign an interface to the client instance. Interfaces > Assignments.
    At "Available network ports" select the client instance (e.g. ovpnc1), hit Add, open the settings of the new interface, check Enable and set a proper name. No further configuration to make here!
    If you have done that pfSense also add a virtual gateway to the vpn connection which can be used in firewall rules for policy routing or also for gateway monitoring.

    But do not add static route to a vpn gateway! That's not recommended. As mentioned above, that is to be done in the OpenVPN settings.

Log in to reply