Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Policy Routing based of OpenVPN gateway with 0.0.0.0/0 adds system default gateway too...

    Scheduled Pinned Locked Moved OpenVPN
    6 Posts 3 Posters 754 Views 2 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B Offline
      Bronko
      last edited by

      Hi,

      I would like to route all internet traffic from a specific device in my LAN via an OpenVPN site to site configuration, which is configured very well in production mode since long time.

      Therefor I have created an Interface Assignment for the configured openvpn which results in an appropriated Gateway in System Routing used by advanced option in a firewall rule which source is the specific host (Policy Routing).

      To allow all internet traffic trough the tunnel I have to configure IPv4 Remote network(s) (Servers and Client Specific Overrides) at 0.0.0.0/0.

      This is working, BUT it adds an system wide default gateway too, beside the normal WAN gateway (Diagnostic Routes) and all other devices at LAN using for now these two gateways randomly.

      System Routing Default Gateway isn't configured to Automatic but WAN.

      Does someone have any hints for me?

      NogBadTheBadN 1 Reply Last reply Reply Quote 0
      • NogBadTheBadN Offline
        NogBadTheBad @Bronko
        last edited by NogBadTheBad

        @Bronko You have enabled Don't pull routes in the client config ?

        Screenshot 2023-07-21 at 19.28.51.png

        Andy

        1 x Netgate SG-4860 - 3 x Linksys LGS308P - 1 x Aruba InstantOn AP22

        B 1 Reply Last reply Reply Quote 0
        • B Offline
          Bronko @NogBadTheBad
          last edited by

          @NogBadTheBad Thanks for your reply.

          My pfsense host the OpenVPN Server, so no Client here at home. The site to site tunnel setup is working perfect for all configured subnets on both sites.

          The main question here is:
          Why the adding of 0.0.0.0/0 for IPv4 Remote network(s) (Servers and Client Specific Overrides in OpenVPN) adds a system wide default gateway, beside the default WAN based?

          How to avoid it or is there another approach to route all host specific traffic via OpenVPN tunnel?

          B 1 Reply Last reply Reply Quote 0
          • B Offline
            Bronko @Bronko
            last edited by

            In this case I don't understand why in official Doc to Routing Internet Traffic Through A Site-To-Site OpenVPN Tunnel configuration of IPv4 Remote network(s) (Servers and Client Specific Overrides in OpenVPN) is missing and how the hole internet Traffic should pass the tunnel without acceptation?

            Any help here?

            H 1 Reply Last reply Reply Quote 0
            • H Offline
              hr1sha @Bronko
              last edited by

              @Bronko you don't want to use NAT?

              B 1 Reply Last reply Reply Quote 0
              • B Offline
                Bronko @hr1sha
                last edited by

                @Bronko you don't want to use NAT?

                unfortunately, NO

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.