Static Routes Not Working

sae

Since the update from 2.6 to 2.7 I'm having ovpn issues. For now I wanted to convert my shared key site to site to TLS. I'm connected from the client to the server and route fine, but from the server site I can't reach the local net on the client side.

Server Local Net is 192.168.0.0/24
Tunnel Net is 192.168.15.0/24
Client Local Net is 10.0.0.0/24 (pfSense router)

in the custom options I added:
route 10.0.0.0 255.255.255.0;

When I look at the routing table it shows:
10.0.0.0/24 192.168.15.2 UGS 12 1500 ovpns1

I can't seem to reach the router at 10.0.0.1 but I can reach it at 192.168.15.2

Am I doing something wrong?

viragomann

@sae
You have to configure a client specific override (CSO) for the client.

At common name enter the common name used in the clients TLS certificate.
At remote networks enter the client sides LAN.

In the server settings also enter the clients LAN at remote networks and remove the route from the custom options.

sae

@viragomann

You are awesome!! That did the trick. I didn't have "remote networks" on my server config only "local networks" so I kept the the route in the custom options and it worked.