Is it possible to split tunnel if I run the OpenVPN server from my OPNsense firewall?
Yes, only set the route to your internal LAN to your clients with a push-route and don't use redirect-gateway.
On the OpenVPN server page:
untick 'Redirect Gateway'
under Advanced add:
push "route 192.168.1.0/24"
replace 192.168.1.0/24 with your LAN network and mask.
Bart...
Hi,
(sorry to revive this old thread, but it fits well with my issue)
I am using push "route 192.168.99.0/24" to allow remote access through an OpenVPN tunnel to my resources in LAN (NAS, firewall, etc.), but leave all remaining traffic on the client side and not go through the tunnel. It appears to work, but when I dial in this error pops up in the log:
Options error: route parameter network/IP '192.168.99.0/24' must be a valid address
What am I missing?