    Can only push 24 routes to remote clients

    OpenVPN
      simonfishley last edited by

      Hi All

      Wondering if anyone has had a similar experience.  We are pushing several routes to our VPN clients. It seems once we go past 24 routes, i.e. try to add one more, OpenVPN just stops working.

      My routes list below:

      push "dhcp-option DOMAIN XXXX";
      push "dhcp-option DOMAIN YYYY";
      push "dhcp-option DOMAIN ZZZZ";
      push "dhcp-option DNS 10.1.1.2";
      push "route 10.1.0.0 255.255.0.0";
      push "route 10.2.0.0 255.255.0.0";
      push "route 10.6.0.0 255.255.0.0";
      push "route 192.168.4.0 255.255.255.0";
      push "route 10.100.1.0 255.255.255.0";
      push "route 10.100.0.0 255.255.255.0";
      push "route 129.41.4.153 255.255.255.255";
      push "route 128.135.181.28 255.255.255.255";
      push "route 194.199.164.10 255.255.255.255";
      push "route 140.234.29.20 255.255.255.255";
      push "route 208.215.179.155 255.255.255.255";
      push "route 129.41.4.153 255.255.255.255";
      push "route 193.131.119.37 255.255.255.255";
      push "route 208.215.179.155 255.255.255.255";
      push "route 83.169.87.81 255.255.255.255";
      push "route 140.234.29.33 255.255.255.255";
      push "route 194.199.164.7 255.255.255.255";
      push "route 129.41.23.161 255.255.255.255";
      push "route 128.232.233.5 255.255.255.255";
      push "route 129.41.4.140 255.255.255.255";
      push "route 150.229.72.10 255.255.255.255";
      push "route 133.40.7.53 255.255.255.255";
      push "route 84.18.184.151 255.255.255.255";
      push "route 193.128.223.19 255.255.255.255";
      no-replay;tun-mtu 1400;
      hand-window 120

      I want to add this: push "route 196.14.182.142 255.255.255.255"; but as soon as I do, OpenVPN doesn't let remote users in anymore. My VPNClient log shows:

      Fri 06/19/09 02:04 PM: SENT CONTROL [firewall]: 'PUSH_REQUEST' (status=1)

      Which repeats over and over. If I remove the new route it connects fine.

      Is pushing more than 24 routes uncommon? Is this a limitation of OpenVPN? Any ideas/suggestions? Is this a bug?

      Thanks in advance
      Simon

        GruensFroeschli last edited by

        If you google for
        "SENT CONTROL [firewall]: 'PUSH_REQUEST' (status=1)"
        you will find some posts on the OpenVPN mailing list about
        "[Openvpn-users] Maximum length of --push buffer (1024) has been exceeded"

        It seems that this is a problem of OpenVPN.
        Not much you can do with pfSense about this unless it gets resolved in OpenVPN.

        If you google some more you might find a solution to this problem.
        (I didn't search for a solution).

          nosborne last edited by

          Looks like this is addressed now in the latest version of OpenVPN.  Does anyone know when we might see this change in pfSense?  Or what steps are required to manually upgrade OpenVPN meanwhile?

          Here's an excerpt from a recent OpenVPN changelog:

          2009.05.30 – Version 2.1_rc17

          • Increased TLS_CHANNEL_BUF_SIZE to 2048 from 1024 (this will allow for
            more option content to be pushed from server to client).
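
The buffer limit discussed in this thread, as an added example that is not part of the original posts or of OpenVPN or pfSense: a Python sketch that estimates the size of the `PUSH_REPLY` message built from a custom-options string and lists pushes that appear more than once. The function names, the constructed sample and the strict less-than comparison are assumptions; the real message also carries options the server adds itself, so treat the result as a lower bound.

```python
import re

# Buffer sizes quoted in the thread: 1024 before OpenVPN 2.1_rc17, 2048 from it on.
OLD_LIMIT, NEW_LIMIT = 1024, 2048
PUSH_RE = re.compile(r'^push\s+"([^"]*)"$')

# Constructed sample in the semicolon-separated style of the first post.
SAMPLE = '''push "dhcp-option DNS 10.1.1.2";
push "route 10.1.0.0 255.255.0.0";
push "route 192.0.2.10 255.255.255.255";
push "route 192.0.2.10 255.255.255.255";
tun-mtu 1400'''

def parse_pushes(custom_options):
    """Return the quoted argument of every push directive, in order."""
    found = []
    for item in re.split(r'[;\n]', custom_options):
        m = PUSH_RE.match(item.strip())
        if m:
            found.append(m.group(1))
    return found

def push_reply_length(pushes, server_options=()):
    """Length of one 'PUSH_REPLY,opt1,opt2,...' control message.
    server_options: options the server adds by itself (ifconfig and so on);
    supplied by the caller here, which is an assumption of this sketch."""
    return len(",".join(["PUSH_REPLY", *server_options, *pushes]))

def audit(custom_options, limit=OLD_LIMIT, server_options=()):
    pushes = parse_pushes(custom_options)
    unique = list(dict.fromkeys(pushes))  # order-preserving de-duplication
    length = push_reply_length(pushes, server_options)
    return {
        "count": len(pushes),
        "length": length,
        "deduped_length": push_reply_length(unique, server_options),
        "duplicates": [p for p in unique if pushes.count(p) > 1],
        # strict '<' keeps one byte spare for a terminator (conservative assumption)
        "fits": length < limit,
    }

if __name__ == "__main__":
    print(audit(SAMPLE))
```

Running it against a server's real option list before adding another route shows how close the configuration is to the limit and how many bytes removing repeated entries would recover.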