Issues with Def1

This forum is for admins who are looking to build or expand their OpenVPN setup.
Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
xayide
OpenVpn Newbie
Posts: 3
Joined: Tue Oct 02, 2018 8:40 am

Issues with Def1

Post by xayide » Sat Jul 11, 2020 5:21 pm

OpenVPN has a default that is not suitable for me. It does the below.....only I do not need the 0.0.0.0/1 and 128.0.0.0/1. I only need the last entry for the endpoint but doing 'pull-filter ignore "redirect gateway"' makes it not do any of the below...so how can I omit the default GW but still get the Endpoint route for the default gw on the firewall?


The additional routes are the result of the  `redirect-gateay`  option.
This adds 3 routes, the first two together span the whole internet and redirect into the tunnel:
```
dest 0.0.0.0 mask 128.0.0.0 gw 10.100.100.5
dest 128.0.0.0 mask 128.0.0.0 gw 10.100.100.5
```
These provide a "better" routing match than the default gateway (with a mask of zero) for all internet addresses.
The 3rd redirects the real VPN endpoint IP address to use the original gateway, and will be used for the encrypted VPN packets:
```
dest 185.118.18.66 mask 255.255.255.255 gw 192.168.20.254
```

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 7580
Joined: Fri Jun 03, 2016 1:17 pm

Re: Issues with Def1

Post by TinCanTech » Sat Jul 11, 2020 6:09 pm

You would have to do it yourself ..

xayide
OpenVpn Newbie
Posts: 3
Joined: Tue Oct 02, 2018 8:40 am

Re: Issues with Def1

Post by xayide » Sat Jul 11, 2020 6:11 pm

Thats what I've done. Although if ISP decides to change gateway it will not work ;(


I was thunking mybe to have a route-up script withe delay and delete the two routes ;)

300000
OpenVPN Super User
Posts: 215
Joined: Tue May 01, 2012 9:30 pm

Re: Issues with Def1

Post by 300000 » Sat Jul 11, 2020 6:55 pm

When you ve done it let post jn here so someone can learn from it

xayide
OpenVpn Newbie
Posts: 3
Joined: Tue Oct 02, 2018 8:40 am

Re: Issues with Def1

Post by xayide » Sun Jul 12, 2020 9:24 am

Got help over at openwrt-forum from VGAETERA

pull-filter ignore redirect-gateway
route remote_host 255.255.255.255 net_gateway


I tested it and it works.

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 7580
Joined: Fri Jun 03, 2016 1:17 pm

Re: Issues with Def1

Post by TinCanTech » Sun Jul 12, 2020 11:06 am

Thanks for letting us know 8-)

I must admit I forgot about remote_host ..

Post Reply