Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Routing missing from OpenVPN server-client after working previously?

    Scheduled Pinned Locked Moved OpenVPN
    3 Posts 3 Posters 339 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • N
      Naver
      last edited by

      Just encountered a weird issue. I had setup OpenVPN server on PFsense last week, and had been able to connect previously with no issues.

      This morning I went to connect on and although I connected onto the tunnel network (192.168.75.0/24) fine, I had no access to the LAN network (192.168.74.0/24).

      Doing a ping and a packet capture on both sides showed that the ping was reaching the LAN network, but the response was not being received at the tunnel. After comparing with another client setup the same way, I found there was no route to the LAN network being pushed to the connection.

      Manually adding push "route 192.168.74.0 255.255.255.0" resolved the issue, but I am a bit concerned how this happened after working previously.

      1 Reply Last reply Reply Quote 0
      • RicoR
        Rico LAYER 8 Rebel Alliance
        last edited by

        Using the IPv4 Local network(s) Box is doing the very same than push "route 192.168.74.0 255.255.255.0" in Custom options.

        -Rico

        1 Reply Last reply Reply Quote 0
        • DerelictD
          Derelict LAYER 8 Netgate
          last edited by

          Using Local Network(s) is the preferred method because pfSense has a way to know about the networks there in the configuration.

          It is synonymous with the push route as has been said. Doing both should be harmless though will probably result in a logged error on the client side when the client tries to add the route to the routing table a second time. This can make people chase their tails for nothing.

          Chattanooga, Tennessee, USA
          A comprehensive network diagram is worth 10,000 words and 15 conference calls.
          DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
          Do Not Chat For Help! NO_WAN_EGRESS(TM)

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.