[Solved] Problems routing all traffic through OpenVPN server.

[withsmile]

Hello,
My office network contains several VLANs, such as VLAN10(10.7.10.0/24 gw10.7.10.254), VLAN11(10.7.11.0/24 gw10.7.11.254), all these gateways are held by one same core switch.

My computer acesses LAN through VLAN11, and is internet-accessible. Application Server acesses LAN through VLAN10, ip address is 10.7.10.5.

My home network is held by ASUS AC68U merlin(192.168.1.0/32 gw192.168.1.1), and I set up an OPENVPN server on router.

If I triggered OPENVPN client connected to home on my computer, connection between 10.7.10.5 and my computer would be lost, none traffic could be sent to VLAN10. All traffic was routed to home OPENVPN server.

How can I fix the problem ? Thanks a lot for help !

daemon
server-bridge
push "route 0.0.0.0 255.255.255.255 net_gateway"
proto tcp-server
port ****
dev tap21
ncp-ciphers AES-128-GCM:AES-256-GCM:AES-128-CBC:AES-256-CBC
cipher AES-256-CBC
auth SHA256
comp-lzo adaptive
keepalive 15 60
verb 3
duplicate-cn
push "dhcp-option DNS 192.168.1.1"
push "route-gateway 192.168.1.1"
push "redirect-gateway def1"
tls-auth static.key
ca ca.crt
dh dh.pem
cert server.crt
key server.key
status-version 2
status status 10
#config.ovpn

client
dev tap
;dev-node MyTap
proto tcp-client
remote ... ****
float
ncp-ciphers AES-128-GCM:AES-256-GCM:AES-128-CBC:AES-256-CBC
cipher AES-256-CBC
auth SHA256
comp-lzo adaptive
keepalive 15 60
ns-cert-type server
resolv-retry infinite
nobind
#client.ovpn

Wed Jun 28 16:10:14 2017 OpenVPN 2.4.1 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Mar 22 2017
Wed Jun 28 16:10:14 2017 Windows version 6.2 (Windows 8 or greater) 64bit
Wed Jun 28 16:10:14 2017 library versions: OpenSSL 1.0.2k 26 Jan 2017, LZO 2.09
Wed Jun 28 16:10:14 2017 WARNING: --ns-cert-type is DEPRECATED. Use --remote-cert-tls instead.
Wed Jun 28 16:10:15 2017 TCP/UDP: Preserving recently used remote address: [AF_INET]...:****
Wed Jun 28 16:10:15 2017 Attempting to establish TCP connection with [AF_INET]...:**** [nonblock]
Wed Jun 28 16:10:16 2017 TCP connection established with [AF_INET]...:****
Wed Jun 28 16:10:16 2017 TCP_CLIENT link local: (not bound)
Wed Jun 28 16:10:16 2017 TCP_CLIENT link remote: [AF_INET]...:****
Wed Jun 28 16:10:16 2017 [RT-AC68U] Peer Connection Initiated with [AF_INET]...:****
Wed Jun 28 16:10:17 2017 open_tun
Wed Jun 28 16:10:17 2017 TAP-WIN32 device [TAP] opened: \.\Global{63FC4322-02A0-46CB-A2CE-8542B952E285}.tap
Wed Jun 28 16:10:17 2017 Successful ARP Flush on interface [43] {63FC4322-02A0-46CB-A2CE-8542B952E285}
Wed Jun 28 16:10:22 2017 Initialization Sequence Completed
#CLIENT LOG

[TinCanTech]

If I triggered OPENVPN client connected to home on my computer, connection between 10.7.10.5 and my computer would be lost, none traffic could be sent to VLAN10. All traffic was routed to home OPENVPN server.

How can I fix the problem ?

server-bridge
<snip>
push "redirect-gateway def1" ### <-- Delete Me

See --redirect-gateway in The Manual v24x

[withsmile]

If I triggered OPENVPN client connected to home on my computer, connection between 10.7.10.5 and my computer would be lost, none traffic could be sent to VLAN10. All traffic was routed to home OPENVPN server.

How can I fix the problem ?

server-bridge
<snip>
push "redirect-gateway def1" ### <-- Delete Me

See --redirect-gateway in The Manual v24x

It works ! Thank you very much.