Policy Routing based on OpenVPN gateway with 0.0.0.0/0 adds system default gateway too...
-
Hi,
I would like to route all internet traffic from a specific device in my LAN via an OpenVPN site-to-site configuration, which has been configured very well in production mode for a long time.
Therefore I have created an Interface Assignment for the configured OpenVPN, which results in an appropriate Gateway in System Routing, used by the advanced option in a firewall rule whose source is the specific host (Policy Routing).
To allow all internet traffic through the tunnel I have to configure IPv4 Remote network(s) (Servers and Client Specific Overrides) as 0.0.0.0/0.
This is working, BUT it adds a system-wide default gateway too, besides the normal WAN gateway (Diagnostic Routes), and all other devices on the LAN are now using these two gateways randomly.
System Routing Default Gateway isn't configured to Automatic but WAN.
Does someone have any hints for me?
-
@Bronko You have enabled Don't pull routes in the client config?
-
@NogBadTheBad Thanks for your reply.
My pfSense hosts the OpenVPN Server, so no Client here at home. The site-to-site tunnel setup is working perfectly for all configured subnets on both sites.
The main question here is:
Why does adding 0.0.0.0/0 for IPv4 Remote network(s) (Servers and Client Specific Overrides in OpenVPN) add a system-wide default gateway, besides the default WAN-based one? How can I avoid it, or is there another approach to route all host-specific traffic via the OpenVPN tunnel?
-
In this case I don't understand why, in the official doc on Routing Internet Traffic Through A Site-To-Site OpenVPN Tunnel, the configuration of IPv4 Remote network(s) (Servers and Client Specific Overrides in OpenVPN) is missing, and how the whole internet traffic should pass the tunnel without acceptation?
Any help here?
-
@Bronko you don't want to use NAT?
-
@Bronko you don't want to use NAT?
unfortunately, NO