1
19.1 Legacy Series / OpenVPN internal route(s) not added automatically
« on: February 20, 2019, 03:46:30 pm »
When configuring an OpenVPN server for a peer-to-peer connection to another site, the user interface allows you to specify, under "IPv4/6 Remote Network", a (list of) far network(s) that are then automatically routed over the VPN connection. To enable these routes however, OpenVPN needs --iroute option(s) to really enable these routes (see OpenVPN documentation). These can be added on the server page under "Advanced configuration" or as a Client Specific Override, e.g.:
The user interface thus falsly suggests that specifying these networks as "IPv4/6 Remote Network" is sufficient.
(this sadly cost me half a day to figure out!)
Quote
iroute 10.8.6.128 255.255.255.192
The user interface thus falsly suggests that specifying these networks as "IPv4/6 Remote Network" is sufficient.
(this sadly cost me half a day to figure out!)