• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Add route to a Client OpenVPN

Scheduled Pinned Locked Moved OpenVPN
5 Posts 2 Posters 46.6k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • D
    djmime
    last edited by Oct 9, 2012, 10:41 AM

    Hi I need to add moor then 2 routes to a client VPN
    is there a way to do that
    I need to add route to the following networks
    172.16.10.0/24
    192.168.0.0/24
    172.16.11.0/24
    I can add only one additional route to the client
    when I try to add the second I get an error on the client
    push route mast be a valid subnet
    thanks Daniel

    1 Reply Last reply Reply Quote 0
    • P
      phil.davis
      last edited by Oct 9, 2012, 11:35 AM Oct 9, 2012, 11:32 AM

      The server needs to know about the subnets available at the client end. So you can do either one of:
      a) Tell the server about it directly - on the server config, put the first subnet in the "Remote Network" field and then in Advanced put:

      route 192.168.0.0 255.255.255.0;route 172.16.11.0 255.255.255.0
      

      or
      b) Push the routes to the server from the client - on the client config, put the first subnet in the "Local Network" field and then in Advanced put:

      push "route 192.168.0.0 255.255.255.0";push "route 172.16.11.0 255.255.255.0"
      

      I am assuming that both the server and client are pfSense, if not then pick whichever of option (a) or (b) is pfSense.
      Remember to add firewall rules to permit the traffic that you want to allow across the OpenVPN to and from the networks.

      As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
      If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

      1 Reply Last reply Reply Quote 0
      • D
        djmime
        last edited by Oct 9, 2012, 12:08 PM

        Hi
        I have added the routes on the client specific overrides
        two routes but I am getting only one
        1 push "route 172.16.11.0 255.255.255.0"
        2 push "route 172.16.10.0 255.255.255.0"
        I can see that I have a route for 172.16.10.0 network
        and the default that is configured on the server 192.168.2.0 network
        cant see the other routes that I have added
        thanks Daniel

        1 Reply Last reply Reply Quote 0
        • P
          phil.davis
          last edited by Oct 9, 2012, 1:06 PM

          My first post above is around the wrong way (you want to add routes for subnets reachable at the server end, to the client end), but you have worked that out. The principle is still there, just needs the 'push "route…"' and 'route...' swapping around a bit.

          In the Advanced section, make sure you separate the 2 push commands with a semicolon. And do not put any new lines in, do not even put a ";" at the end:

          push "route 172.16.11.0 255.255.255.0";push "route 172.16.10.0 255.255.255.0"
          

          Hopefully the issue is just the syntax in the Advanced box.

          As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
          If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

          1 Reply Last reply Reply Quote 0
          • D
            djmime
            last edited by Oct 9, 2012, 5:16 PM

            Hi
            thanks for the help
            i have to say that now the client is getting the routes that i have added this morning
            without any changes
            just added this line
            push "route 172.16.10.0 255.255.255.0";push "route 172.16.11.0 255.255.255.0"
            up until know the route wont work for some reason
            thanks for the help  Daniel :)

            1 Reply Last reply Reply Quote 0
            5 out of 5
            • First post
              5/5
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
              This community forum collects and processes your personal information.
              consent.not_received