I have a running OpenVPN client serving an entire subnet ("site"-mode). Furthermore, that OpenVPN is configured to use a socks5 proxy to connect to the server on the internet, instead of connecting directly. The setup is managed by NetworkManager and looks like this:
Network A:
* gateway to the internet
* proxy
* machine running OpenVPN client
Network B: The "private" network, all traffic routed via OpenVPN
* machine running OpenVPN client, also acting as gateway
Everything works fine, except that OpenVPN frequently adds a route to the socks5 proxy in network A via the gateway of network A, which does not make any sense to me as the proxy is directly reachable by the machine running OpenVPN. Besides the longer way and bandwidth waste, it also complicates firewall rules on the gateway of network A. On the machine running OpenVPN, I can see the following syslog entry:
```
net_route_v4_add: 10.X.X.4/32 via 10.X.X.1 dev eth0 table 0 metric -1
```
Is there any way to prevent OpenVPN from setting this incorrect route?
Here are the configuration options I use for the machine running the OpenVPN "client" that serves the entire network B:
```
remote mydomain.com <openvpn port>
socks-proxy 10.X.X.4 <proxy port>
dev tun
proto tcp
client
tun-mtu 1500
ca /etc/openvpn/keys/ca.crt
cert /etc/openvpn/keys/site.crt
key /etc/openvpn/keys/site.key
tls-auth /etc/openvpn/keys/tls-auth.key
up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf
comp-lzo
verb 3
```
If I need to provide more specific information, please let me know.
Thanks!
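
One way to confirm from the logs how often this happens, as an added example that is not part of the original post: the script parses `net_route_v4_add` lines in the format quoted above and flags host routes whose destination already lies in the interface's directly connected network. The addresses, the `10.0.0.0/24` network for `eth0`, the syslog prefix and the function names are constructed assumptions, since the post masks the real values.

```python
import ipaddress
import re

# Matches the route-add message format quoted in the post.
ROUTE_RE = re.compile(
    r"net_route_v4_add:\s+(?P<dst>\d+\.\d+\.\d+\.\d+/\d+)"
    r"\s+via\s+(?P<gw>\d+\.\d+\.\d+\.\d+)\s+dev\s+(?P<dev>\S+)"
    r"\s+table\s+(?P<table>\d+)\s+metric\s+(?P<metric>-?\d+)"
)

# Constructed sample input (not taken from the post).
SAMPLE_LOG = [
    "Jan  1 00:00:01 host openvpn[100]: net_route_v4_add: 10.0.0.4/32 via 10.0.0.1 dev eth0 table 0 metric -1",
    "Jan  1 00:00:01 host openvpn[100]: net_route_v4_add: 203.0.113.10/32 via 10.0.0.1 dev eth0 table 0 metric -1",
    "Jan  1 00:00:02 host openvpn[100]: net_route_v4_add: 10.0.0.999/32 via 10.0.0.1 dev eth0 table 0 metric -1",
    "Jan  1 00:00:03 host openvpn[100]: Initialization Sequence Completed",
]

# Assumed directly connected network per interface (network A in the post).
CONNECTED = {"eth0": "10.0.0.0/24"}


def parse_route_adds(lines):
    """Extract well-formed route additions; skip unrelated or malformed lines."""
    routes = []
    for line in lines:
        m = ROUTE_RE.search(line)
        if not m:
            continue
        try:
            dst = ipaddress.ip_network(m["dst"], strict=False)
            gw = ipaddress.ip_address(m["gw"])
        except ValueError:
            continue  # e.g. an octet above 255
        routes.append({"dst": dst, "gw": gw, "dev": m["dev"]})
    return routes


def redundant_onlink_routes(lines, connected):
    """Routes sent via a gateway although the destination is on-link for that device."""
    flagged = []
    for route in parse_route_adds(lines):
        local = connected.get(route["dev"])
        if local is None:
            continue
        local_net = ipaddress.ip_network(local)
        if route["dst"].subnet_of(local_net) and route["gw"] in local_net:
            flagged.append(route)
    return flagged
```
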