18.1 Legacy Series / problem with /30 and peer-to-peer OpenVPN tunnel
« on: May 07, 2018, 08:06:22 am »
I have a peer-to-peer OpenVPN tunnel between two sites. It works fine, with an exception. If I make the IPv4 tunnel network a /29 or larger, the route gets added correctly:
root@opn:~ # netstat -rna | grep 172.16.1.0
172.16.1.0/29 172.16.1.2 UGS ovpns1
However, if I make the IPv4 tunnel network a /30 (which is all that's needed for a point to point VPN), oddness occurs:
root@opn:~ # netstat -rna | grep 172.16.1.0
172.16.1.0&0xac100102 172.16.1.2 UGS ovpns1
This ends up sending all 172/8 traffic across the tunnel, and possibly more.
I'm running OPNsense 18.1.7. Suggestions?
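An added example, not part of the original post: a Python check that parses route lines like the two quoted above, flags any destination whose mask is non-contiguous (reading netstat's `&0x...` suffix as the netmask in hex), and tests which addresses such a route would match. The function names and the embedded sample input are constructed for illustration.

```python
import ipaddress

# Constructed sample: the two route lines quoted in the post.
SAMPLE = """\
172.16.1.0/29 172.16.1.2 UGS ovpns1
172.16.1.0&0xac100102 172.16.1.2 UGS ovpns1
"""

def parse_dest(dest):
    """Return (network_int, mask_int) for 'a.b.c.d/len' or 'a.b.c.d&0xMASK'."""
    if "&" in dest:
        addr, mask = dest.split("&", 1)
        mask = int(mask, 16)  # 0xac100102 is 172.16.1.2 in dotted form
    elif "/" in dest:
        addr, plen = dest.split("/", 1)
        mask = (0xFFFFFFFF << (32 - int(plen))) & 0xFFFFFFFF
    else:
        addr, mask = dest, 0xFFFFFFFF  # host route
    return int(ipaddress.IPv4Address(addr)), mask

def is_contiguous(mask):
    """True when the mask is a run of 1-bits followed only by 0-bits."""
    inverted = ~mask & 0xFFFFFFFF
    return (inverted & (inverted + 1)) == 0

def route_matches(dest, ip):
    """Apply the route's mask to ip the way a masked route lookup would."""
    net, mask = parse_dest(dest)
    return (int(ipaddress.IPv4Address(ip)) & mask) == (net & mask)

def audit(netstat_text):
    """Return (dest, gateway, netif) for IPv4 routes with a non-contiguous mask."""
    findings = []
    for line in netstat_text.splitlines():
        f = line.split()
        if len(f) < 4 or not f[0][0].isdigit() or ":" in f[0]:
            continue  # skip headers, 'default', and IPv6 rows
        if not is_contiguous(parse_dest(f[0])[1]):
            findings.append((f[0], f[1], f[3]))
    return findings

if __name__ == "__main__":
    for dest, gw, netif in audit(SAMPLE):
        mask = ipaddress.IPv4Address(parse_dest(dest)[1])
        print(f"{dest} via {gw} on {netif}: mask {mask}")
        for ip in ("172.16.1.1", "172.16.1.2", "172.31.255.253", "8.8.8.8"):
            hit = "matches" if route_matches(dest, ip) else "no match"
            print(f"  {ip:>15} -> {hit}")
```

Running `audit()` over saved `netstat -rn` output after a tunnel change gives a quick way to spot a route whose mask is not a valid prefix before traffic is steered by it.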