• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Some settings are not in the OpenVPN config file

Scheduled Pinned Locked Moved OpenVPN
9 Posts 3 Posters 2.3k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • P
    Panja
    last edited by Oct 19, 2015, 4:07 PM

    I have created an OpenVPN server on my pfSense box.
    Installed the "OpenVPN Client Export Utility" package.

    In my OpenVPN server config I have the following setup:
    DNS Default Domain: panja.lan
    DNS Servers: 192.168.1.1 (pfSense box)
    Redirect Gateway

    My IPv4 Tunnel Network has been set to: 192.168.2.0/24

    The connection itself is working but the 2 options I have setup are not in the config file.
    So the DNS default domain and DNS server are not pushed. Also Redirect Gateway is not pushed.
    So in my OpenVPN client the option "Send All Traffic Over VPN connection" is not ticked…

    How can I fix this?

    1 Reply Last reply Reply Quote 0
    • J
      johnpoz LAYER 8 Global Moderator
      last edited by Oct 19, 2015, 4:12 PM

      Other then the default gateway why do you think the domain and dns servers would be in your config?  Those would be gotten from dhcp when the client connects.

      Ethernet adapter Local Area Connection:

      Connection-specific DNS Suffix  . : local.lan
        Description . . . . . . . . . . . : TAP-Windows Adapter V9
        Physical Address. . . . . . . . . : 00-FF-EE-16-B9-3C
        DHCP Enabled. . . . . . . . . . . : Yes
        Autoconfiguration Enabled . . . . : Yes
        IPv6 Address. . . . . . . . . . . : 2001:snipped::1000(Preferred)
        Link-local IPv6 Address . . . . . : fe80::fd9b:6799:7fc9:2969%27(Preferred)
        IPv4 Address. . . . . . . . . . . : 10.0.8.6(Preferred)
        Subnet Mask . . . . . . . . . . . : 255.255.255.252
        Lease Obtained. . . . . . . . . . : Monday, October 19, 2015 11:10:34 AM
        Lease Expires . . . . . . . . . . : Tuesday, October 18, 2016 11:10:34 AM

        Default Gateway . . . . . . . . . :
        DHCP Server . . . . . . . . . . . : 10.0.8.5
        DNS Servers . . . . . . . . . . . : 192.168.9.253
        NetBIOS over Tcpip. . . . . . . . : Enabled

      An intelligent man is sometimes forced to be drunk to spend time with his fools
      If you get confused: Listen to the Music Play
      Please don't Chat/PM me for help, unless mod related
      SG-4860 24.11 | Lab VMs 2.8, 24.11

      1 Reply Last reply Reply Quote 0
      • P
        Panja
        last edited by Oct 19, 2015, 4:20 PM Oct 19, 2015, 4:14 PM

        Because I specified them in my OpenVPN server setup?

        1 Reply Last reply Reply Quote 0
        • J
          johnpoz LAYER 8 Global Moderator
          last edited by Oct 19, 2015, 4:23 PM

          but that info does not get put into the client conf file.

          An intelligent man is sometimes forced to be drunk to spend time with his fools
          If you get confused: Listen to the Music Play
          Please don't Chat/PM me for help, unless mod related
          SG-4860 24.11 | Lab VMs 2.8, 24.11

          1 Reply Last reply Reply Quote 0
          • P
            Panja
            last edited by Oct 19, 2015, 4:24 PM

            Ok, did not know that.

            But another question comes up than.
            How can I push those settings to the client?

            The Redirect Gateway is essential for me.

            1 Reply Last reply Reply Quote 0
            • D
              doktornotor Banned
              last edited by Oct 19, 2015, 4:26 PM

              Perhaps you could start with reading the wiki docs?

              1 Reply Last reply Reply Quote 0
              • P
                Panja
                last edited by Oct 19, 2015, 4:38 PM Oct 19, 2015, 4:30 PM

                Thanks for pointing that out, but I have done that already.
                Could you be more specific?

                1 Reply Last reply Reply Quote 0
                • J
                  johnpoz LAYER 8 Global Moderator
                  last edited by Oct 19, 2015, 4:42 PM

                  your client would get them via dhcp when they connect.. You do have openvpn set to give them an IP right

                  Provide a virtual adapter IP address to clients (see Tunnel Network)

                  As to redirect that would be in the conf file..

                  Redirect Gateway Force all client generated traffic through the tunnel.  This should push it to your client, but maybe your not getting any of the push info?

                  You can always put it in the client config
                  redirect-gateway def1

                  An intelligent man is sometimes forced to be drunk to spend time with his fools
                  If you get confused: Listen to the Music Play
                  Please don't Chat/PM me for help, unless mod related
                  SG-4860 24.11 | Lab VMs 2.8, 24.11

                  1 Reply Last reply Reply Quote 0
                  • P
                    Panja
                    last edited by Oct 19, 2015, 5:08 PM

                    I'm pretty lost now…

                    My iOS client gives me the following line in the log file: "redirect-gateway def1"
                    My MacBook client (Viscosity) does not have this in the log file but when I go to whatsmyip.com I do get the (external) IP from my OpenVPN server.
                    But when I check the options in Viscosity client the box that says: "send all traffic over VPN" is unticked.

                    1 Reply Last reply Reply Quote 0
                    3 out of 9
                    • First post
                      3/9
                      Last post
                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
                      This community forum collects and processes your personal information.
                      consent.not_received