Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Cannot route through OpenVPN Peer to Peer mode

    OpenVPN
    2
    2
    92
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      Josef last edited by Josef

      Hi All,

      I have an issue where I cannot route my internal subnets through the OpenVPN tunnel when set to 'Peer to Peer (SSL/TLS)' mode.
      In 'Peer to Peer (SharedKey) it works fine.

      I believe the problem is that when Peer to Peer (SSL/TLS) mode is selected, it enables the Client Settings - Topology section, which results in 'topology subnet' being added to the effective openvpn serverX.conf file.

      When in 'Peer to Peer (SharedKey)' mode, that section is hidden, and the 'topology subnet' is not present in the effective OpenVPN config file.

      And I think that when the topology is set, it limits communication to only within the tunnel network, and therefore believe this should only be present in remote access type modes, not in any peer to peer modes.

      is this a bug, or am I misunderstanding the capability of the 'Peer to Peer (SSL/TLS)' mode?

      I am running 3.4.5P1

      Thanks!!

      1 Reply Last reply Reply Quote 0
      • Rico
        Rico LAYER 8 Rebel Alliance last edited by

        You need to add an iroute (VPN > OpenVPN > Client Specific Overrides) when using topology style subnet.
        Use the client cert name as Common Name and fill the Clients local subnet to IPv4 Remote Network/s

        -Rico

        2x Netgate XG-7100 | 11x Netgate SG-5100 | 6x Netgate SG-3100 | 2x Netgate SG-1100

        1 Reply Last reply Reply Quote 0
        • First post
          Last post