Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    OpenVPN Remote Access Route Problem

    Scheduled Pinned Locked Moved OpenVPN
    4 Posts 2 Posters 2.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      ScorchedHands
      last edited by

      I am working on a 2.0-RELEASE router setting up OpenVPN Remote Access.  The setup is all correct but now when it creates the local routes on the pfsense box it creates them wrong:

      An existing OpenVPN Server:
      10.10.50.1 link#23 UHS 0 0 16384 lo0
      10.10.50.2 link#23 UH 0 819 1500 ovpns7

      New OpenVPN Server:
      10.19.0.1 link#25 UHS 0 0 16384 lo0 =>
      10.19.0.1/32 link#25 U 0 0 1500 ovpns8

      The the remote access clients can not pass traffic because the ip on the pfsense side is "10.19.0.1/32". Has anyone come across this before?  Is there some setting I'm doing wrong?

      OpenVPN Server Config:

      Remote Access (User Auth)
      Protocol: UDP
      Device Mode: tun
      TLS Auth: off
      Tunnel Network: 10.19.0.0/24
      Local Network: 192.168.19.0/24
      Compression: on
      Type-of-Service: off
      Inter-Client: off
      Dynamic IP: on (tried with off as well)
      Address Pool: on
      DNS Default Domain: escrow.local
      DNS Servers: 192.168.19.1

      Log output (reverse order):

      Jun 28 12:52:18 openvpn[63383]: UDPv4 link local (bound): [AF_INET]108.52.126.50:1195
      Jun 28 12:52:18 openvpn[62078]: ERROR: FreeBSD route add command failed: external program exited with error status: 1
      Jun 28 12:52:18 openvpn[62078]: /usr/local/sbin/ovpn-linkup ovpns8 1500 1558 10.19.0.1 10.19.0.2 init
      Jun 28 12:52:18 openvpn[62078]: /sbin/ifconfig ovpns8 10.19.0.1 10.19.0.2 mtu 1500 netmask 255.255.255.255 up
      Jun 28 12:52:18 openvpn[62078]: do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
      Jun 28 12:52:18 openvpn[62078]: TUN/TAP device /dev/tun8 opened

      1 Reply Last reply Reply Quote 0
      • P
        pkwong
        last edited by

        What does the server say?

        When all else fails, don't blame the machine.  Blame your architecture.

        1 Reply Last reply Reply Quote 0
        • S
          ScorchedHands
          last edited by

          Everything there is from the server side.  The client side shows no differences and I am 100% certain that the bad route is the issue.

          1 Reply Last reply Reply Quote 0
          • P
            pkwong
            last edited by

            It didn't finish establishing the connection.  I'd need to see more if you still haven't fixed the solution, you can always contact me.

            Cheers.

            -Percy

            When all else fails, don't blame the machine.  Blame your architecture.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.