2 active vpn clients



  • Hi,

    While setting up 2 openVPN clients I saw following log statements for the first one becoming active :

    Jul 31 00:17:52 openvpn[65454]: /sbin/ifconfig ovpnc2 10.10.3.50 10.10.3.50 mtu 1500 netmask 255.255.0.0 up
    Jul 31 00:17:52 openvpn[65454]: /sbin/route add -net 10.10.0.0 10.10.3.50 255.255.0.0
    Jul 31 00:17:52 openvpn[65454]: /usr/local/sbin/ovpn-linkup ovpnc2 1500 1542 10.10.3.50 255.255.0.0 init
    Jul 31 00:17:52 openvpn[65454]: /sbin/route add -net 216.168.3.150 192.168.0.1 255.255.255.255
    Jul 31 00:17:52 openvpn[65454]: /sbin/route add -net 0.0.0.0 10.10.0.1 128.0.0.0
    Jul 31 00:17:52 openvpn[65454]: /sbin/route add -net 128.0.0.0 10.10.0.1 128.0.0.0

    When the second vpn client starts it tries again to add a route like :

    Jul 31 00:17:52 openvpn[65454]: /sbin/route add -net 0.0.0.0 …......

    Which obviously fails since there is already one for 0.0.0.0....

    Does pfsense allows multiple active openVPN clients at the same time ?
    Why is the default/0.0.0.0 route being changed towards the openVPN device.

    I use policy based routing to select the outgoing openVPN gateway....

    When a disable the openVPN clients, the second one tries to remove the 0.0.0.0 route entry and fails, since the first disabled one already removed it.

    How can I setup 2 openVPNclients pointing to the same VPN provider/company but with each a different hostname entry point ? (each located in a different country)

    Many thanks.

    Regards, Bert.



  • Hi bert.vermeiren,

    The OpenVPN server probably pushes out default routes to you. You should have a look here: https://forums.openvpn.net/topic10571.html
    Add "route-nopull" to the advanced config on both tunnels.

    If my memory serves me right, you can then use rules to select which VPN tunnel shall be used as the gateway for outgoing traffic, for specific hosts.



  • The route-nopull option did the trick !

    Many thanks !