Add route to a Client OpenVPN

djmime · Oct 9, 2012, 10:41 AM

Hi I need to add moor then 2 routes to a client VPN
is there a way to do that
I need to add route to the following networks
172.16.10.0/24
192.168.0.0/24
172.16.11.0/24
I can add only one additional route to the client
when I try to add the second I get an error on the client
push route mast be a valid subnet
thanks Daniel

phil.davis · Oct 9, 2012, 11:35 AM

The server needs to know about the subnets available at the client end. So you can do either one of:
a) Tell the server about it directly - on the server config, put the first subnet in the "Remote Network" field and then in Advanced put:

route 192.168.0.0 255.255.255.0;route 172.16.11.0 255.255.255.0

or
b) Push the routes to the server from the client - on the client config, put the first subnet in the "Local Network" field and then in Advanced put:

push "route 192.168.0.0 255.255.255.0";push "route 172.16.11.0 255.255.255.0"

I am assuming that both the server and client are pfSense, if not then pick whichever of option (a) or (b) is pfSense.
Remember to add firewall rules to permit the traffic that you want to allow across the OpenVPN to and from the networks.

djmime · Oct 9, 2012, 12:08 PM

Hi
I have added the routes on the client specific overrides
two routes but I am getting only one
1 push "route 172.16.11.0 255.255.255.0"
2 push "route 172.16.10.0 255.255.255.0"
I can see that I have a route for 172.16.10.0 network
and the default that is configured on the server 192.168.2.0 network
cant see the other routes that I have added
thanks Daniel

phil.davis · Oct 9, 2012, 1:06 PM

My first post above is around the wrong way (you want to add routes for subnets reachable at the server end, to the client end), but you have worked that out. The principle is still there, just needs the 'push "route…"' and 'route...' swapping around a bit.

In the Advanced section, make sure you separate the 2 push commands with a semicolon. And do not put any new lines in, do not even put a ";" at the end:

push "route 172.16.11.0 255.255.255.0";push "route 172.16.10.0 255.255.255.0"

Hopefully the issue is just the syntax in the Advanced box.

djmime · Oct 9, 2012, 5:16 PM

Hi
thanks for the help
i have to say that now the client is getting the routes that i have added this morning
without any changes
just added this line
push "route 172.16.10.0 255.255.255.0";push "route 172.16.11.0 255.255.255.0"
up until know the route wont work for some reason
thanks for the help Daniel :)