routing client that is not gateway

Scripts with setup, destroy, and modify routing tables and firewall rulesets for client connections.

Post by sevillo » Mon May 22, 2017 1:01 am

Hi

I'm trying to connect a client to a server. The client connects fine; however, my client is not my LAN default gateway, and when routes are pushed, it overlaps my client's default gateway and it becomes unreachable from the LAN. You can still access it from the VPN subnet.

This is the routing table of my client; its IP is 192.168.1.116

root@pi:~# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.1.1     0.0.0.0         UG    202    0        0 eth0
127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
192.168.1.0     0.0.0.0         255.255.255.0   U     202    0        0 eth0

When the VPN connects, this is the result:

root@pi:~# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.1.1     0.0.0.0         UG    202    0        0 eth0
10.0.0.0        10.0.0.5        255.255.255.0   UG    0      0        0 tun0
10.0.0.5        0.0.0.0         255.255.255.255 UH    0      0        0 tun0
127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
192.168.1.0     0.0.0.0         255.255.255.0   UG    0      0        0 eth0
192.168.1.0     10.0.0.5        255.255.255.0   UG    0      0        0 tun0
192.168.69.0    10.0.0.5        255.255.255.0   UG    0      0        0 tun0
192.168.71.0    10.0.0.5        255.255.255.0   UG    0      0        0 tun0
192.168.169.0   10.0.0.5        255.255.255.0   UG    0      0        0 tun0

Since I connect a few other clients, I want to let the other clients know about that other client using push commands:
server push configs
push "route 192.168.69.0 255.255.255.0 vpn_gateway"
push "route 192.168.71.0 255.255.255.0 vpn_gateway"
push "route 192.168.169.0 255.255.255.0 vpn_gateway"
push "route 192.168.1.0 255.255.255.0 vpn_gateway"

How could I avoid that route overlapping one of my clients'? I could just remove it from the server's config and add it manually on the other clients when the tunnel goes up, but I was wondering if there is something better, in case I add more clients, to avoid having to run a script when the tunnel is up.

Thanks in advance.
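
Added example, not part of the original post: a Python check that finds the conflict described above, both in a connected client's `route -n` output and, ahead of time, in the server's push list for any client LAN. The function names are hypothetical, and the client LAN `192.168.1.0/24` is taken from the posted routing table.

```python
import ipaddress
import re

# `route -n` rows after the VPN connects, copied from the post above.
ROUTE_N = """\
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.1.1     0.0.0.0         UG    202    0        0 eth0
10.0.0.0        10.0.0.5        255.255.255.0   UG    0      0        0 tun0
10.0.0.5        0.0.0.0         255.255.255.255 UH    0      0        0 tun0
127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
192.168.1.0     0.0.0.0         255.255.255.0   UG    0      0        0 eth0
192.168.1.0     10.0.0.5        255.255.255.0   UG    0      0        0 tun0
192.168.69.0    10.0.0.5        255.255.255.0   UG    0      0        0 tun0
192.168.71.0    10.0.0.5        255.255.255.0   UG    0      0        0 tun0
192.168.169.0   10.0.0.5        255.255.255.0   UG    0      0        0 tun0
"""

# Server push lines, copied from the post above.
PUSHES = """\
push "route 192.168.69.0 255.255.255.0 vpn_gateway"
push "route 192.168.71.0 255.255.255.0 vpn_gateway"
push "route 192.168.169.0 255.255.255.0 vpn_gateway"
push "route 192.168.1.0 255.255.255.0 vpn_gateway"
"""

def parse_route_n(text):
    """Return (network, iface) pairs from `route -n` output, skipping headers."""
    routes = []
    for line in text.splitlines():
        f = line.split()
        try:
            routes.append((ipaddress.ip_network(f"{f[0]}/{f[2]}"), f[7]))
        except (IndexError, ValueError):
            continue  # banner, column-header or blank line
    return routes

def shadowed_lan_routes(routes, tunnel_prefix="tun"):
    """Tunnel routes overlapping a subnet that is reachable without the tunnel."""
    tunnel = [n for n, dev in routes if dev.startswith(tunnel_prefix)]
    local = [(n, dev) for n, dev in routes if not dev.startswith(tunnel_prefix)
             and dev != "lo" and n.prefixlen > 0]  # skip loopback and default route
    return [(t, dev) for t in tunnel for n, dev in local if t.overlaps(n)]

def conflicting_pushes(push_text, client_lan):
    """Pushed routes that overlap the LAN a given client sits on."""
    lan = ipaddress.ip_network(client_lan)
    pushed = re.findall(r'push\s+"route\s+([\d.]+)\s+([\d.]+)', push_text)
    nets = [ipaddress.ip_network(f"{addr}/{mask}") for addr, mask in pushed]
    return [n for n in nets if n.overlaps(lan)]
```

`shadowed_lan_routes(parse_route_n(ROUTE_N))` reports the tunnel route that covers the client's own eth0 subnet, and `conflicting_pushes(PUSHES, lan)` can be run once per client LAN to list the pushed routes that client should not receive.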
