pfSense routing internet traffic to tap0 after setting up bridged OpenVPN



  • I have a working roadwarrior OpenVPN setup but I'm trying to make it bridged. I used the guide in the pfSense docs, which has me add "dev tap0" and "bridge-server serverip subnetmask dhcprangestart dhcprangeend" to the custom options and a few lines to /conf/config.xml. After following these steps I did successfully create a bridged VPN and received an IP on the pfSense LAN subnet. I tested a multiplayer LAN game which doesn't even work through Hamachi and it worked like a charm. I thought it was all well and good until I couldn't access www.openvpn.net (at this point there are no VPN clients, I'm working on the home LAN) or a few other websites (www.twitpic.com in particular). I've found that when I add the 2 options in custom options, the problem starts as soon as I hit save. Looking at the routes on pfSense after pinging openvpn.net and twitpic.com, I saw that it had added routes for those two IPs, but they were being routed through tap0 rather than the ISP gateway. The only thing I noticed in the routes that seemed a little weird was the one for the 10.0.2.0 network, which is the address pool of the OpenVPN configuration. Instead of just saying 10.0.2.0 it had something like 10.0.2.0x200234 (everything after the last octet isn't accurate, I can't access the system right now to copy what it actually says).

    Why would pfSense try to route everything through tap0?

    EDIT:



  • Well I fixed the routing issue on pfSense by adding "ifconfig 10.0.0.5 255.255.255.0" to the custom options for the VPN.  But now my Windows client isn't routing my 10.0.0.0/24 traffic to the VPN.  I had it working originally but I don't even think it was working before I added the ifconfig to the VPN.

    EDIT: Added "route 10.0.0.0 255.255.255.0" to the client config and all seems to be well.


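A way to check for the symptom described in the first post (routes for Internet hosts bound to tap0 instead of the ISP gateway), as an added example that is not part of the original thread. The function name, the sample routing table and every address in it are constructed for illustration; the table only imitates the column layout of `netstat -rn -f inet` on a FreeBSD-based firewall, and 10.0.0.0/24 is assumed to be the bridged LAN.

```python
import ipaddress

# Constructed sample in the column layout of `netstat -rn -f inet` on FreeBSD.
# Addresses are private or documentation ranges, not values from the thread.
SAMPLE = """\
Destination        Gateway            Flags    Refs      Use  Netif Expire
default            203.0.113.1        UGS         0     1234    em0
10.0.0.0/24        link#2             U           0      100    em1
10.0.0.77          link#7             UH          0        5   tap0
198.51.100.20      link#7             UH          0        3   tap0
192.0.2.45         link#7             UH          0        1   tap0
"""


def routes_leaking_to_tap(table, tap_if="tap0", bridged=("10.0.0.0/24",)):
    """Return (destination, reason) for routes on tap_if outside the bridged LAN."""
    allowed = [ipaddress.ip_network(n) for n in bridged]
    lines = [l for l in table.splitlines() if l.strip()]
    # Locate the interface column from the header so both the older
    # (Refs/Use present) and newer (Refs/Use absent) layouts are handled.
    netif_col = lines[0].split().index("Netif")
    findings = []
    for line in lines[1:]:
        cols = line.split()
        if len(cols) <= netif_col or cols[netif_col] != tap_if:
            continue  # route is not bound to the tap interface
        dest = cols[0]
        try:
            net = ipaddress.ip_network(
                "0.0.0.0/0" if dest == "default" else dest, strict=False
            )
        except ValueError:
            # A malformed destination on the tap interface is worth a look too.
            findings.append((dest, "unparsable destination"))
            continue
        if not any(net.subnet_of(a) for a in allowed):
            findings.append((dest, "outside bridged subnet"))
    return findings


if __name__ == "__main__":
    for dest, reason in routes_leaking_to_tap(SAMPLE):
        print(f"{dest}: {reason}")
```

An empty result means every route on the tap interface falls inside the bridged subnet; pass additional networks in `bridged` if the tap interface legitimately carries more than one.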