EDIT: problem solved, UNRELATED to OPNsense.
I had a static route in the system (Win11) that would only show if the interface with its gateway was up. So when I checked the routes before connecting, it wouldn't be listed, and once I connected it was there. I hence falsely assumed that OPNsense was pushing that route; I should've checked verbose logs sooner.
My bad. Sorry!
-------------------
As opposed to many (all?) posts that I found, I DO NOT want the route for my LAN being pushed by the OpenVPN server.
OPNsense 24.1.3_1-amd64
My problem is: no matter what I do, my OpenVPN server always pushes the LAN subnet route.
How can I stop this? I want to set very specific routes to be pushed (one host to be exact).
I also don't want to fix this on the client side by ignoring pushed routes (no-pull options) as that would mean editing client configs.
The "client specific overrides" section in OPNsense is also not helpful, as this works on a per-client basis. I want this disabled for all clients, i.e. all clients get the same specific route pushed and nothing else.
Example:
OpenVPN server pushes routes for my LAN subnet 192.168.1.0/24
What I want it to push instead: 192.168.1.150/32 (exactly one host, and only that)
What is being pushed when I add my one host to "Local Network" in the server config:
192.168.1.0/24 AND 192.168.1.150/32
I have tried setting "route-nopull" and "route-noexec" from the misc options in the server config, but that hasn't worked either. I didn't select anything under "push options", as well as "redirect gateway".
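The check from the edit at the top of the post, as an added example that is not part of the original post: it reads the PUSH_REPLY line from a verbose OpenVPN client log and lists the routes in the client's table that the server never pushed. The log line, the route list and the function names are constructed for illustration, and `topology subnet` is assumed.

```python
import ipaddress
import re

# Constructed sample: the PUSH_REPLY line from a verbose OpenVPN client log.
SAMPLE_LOG = (
    "2024-03-20 10:15:02 PUSH: Received control message: "
    "'PUSH_REPLY,route 192.168.1.150 255.255.255.255,route-gateway 10.8.0.1,"
    "topology subnet,ping 10,ping-restart 60,"
    "ifconfig 10.8.0.2 255.255.255.0,peer-id 0'\n"
)

# Constructed sample: routes seen on the client while the tunnel is up,
# as (destination, netmask) pairs, e.g. copied from `route print`.
SAMPLE_ROUTES = [
    ("192.168.1.0", "255.255.255.0"),
    ("192.168.1.150", "255.255.255.255"),
    ("10.8.0.0", "255.255.255.0"),
]

PUSH_RE = re.compile(r"PUSH: Received control message: '(PUSH_REPLY[^']*)'")


def pushed_networks(log_text):
    """Networks the server accounts for: pushed routes plus the tunnel subnet."""
    nets = set()
    for reply in PUSH_RE.findall(log_text):
        for option in reply.split(",")[1:]:
            parts = option.split()
            if len(parts) < 2 or parts[0] not in ("route", "ifconfig"):
                continue
            # A pushed route without a netmask is a host route. For ifconfig
            # the second argument is a netmask only with topology subnet.
            has_mask = len(parts) > 2 and parts[2] != "default"
            mask = parts[2] if has_mask else "255.255.255.255"
            try:
                nets.add(ipaddress.ip_network(f"{parts[1]}/{mask}", strict=False))
            except ValueError:
                continue  # e.g. ifconfig peer address under net30/p2p topology
    return nets


def unexplained_routes(log_text, observed):
    """Routes in the client's table that no PUSH_REPLY accounts for."""
    pushed = pushed_networks(log_text)
    seen = {ipaddress.ip_network(f"{d}/{m}", strict=False) for d, m in observed}
    return sorted(seen - pushed, key=str)


if __name__ == "__main__":
    for net in unexplained_routes(SAMPLE_LOG, SAMPLE_ROUTES):
        print("not pushed by server:", net)
```

A route reported here came from the client itself (for example a static route tied to an interface) and not from the server's push.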