Text only | Text with Images

OPNsense Forum

English Forums => Virtual private networks => Topic started by: trech on May 08, 2024, 11:30:28 PM

Title: [Solved]Unable to get OpenVPN to work for selective routing
Post by: trech on May 08, 2024, 11:30:28 PM
I'm trying to setup an OpenVPN Instances with version 24.1.6.  New instances, with selective routing for contents of an Alias tunnel for internet access.  The new VPN>OpenVPN>Instances>Edit screens are somewhat different than the guides I have been able to find;

HOW TO OpenVPN OPNsense CLIENT DEAD SIMPLE: https://forum.opnsense.org/index.php?topic=13465.msg62040#msg62040

Wireguard is the buzz now, and users are updating documentation and videos for version 24.1.+
https://docs.opnsense.org/manual/how-tos/wireguard-selective-routing.html

I am able to route all traffic through the OpenVPN instance [PrivadoVPN_Instance] when started, but would like to setup selective routing.  When I add the alias (VPN_Hosts) those hosts are able to use the VPN and have internet access.  But all other host lose the ability to access internet through the WAN.

Does anyone have of an updated guide for 24.1+ for VPN OpenVPN Instances ?

I'm following a current Wireguard setup but the screens are different for OpenVPN Instances
Step 2 - Configure the WireGuard Instance
https://docs.opnsense.org/manual/how-tos/wireguard-selective-routing.html#step-2-configure-the-wireguard-instance

Code Select

| Field                 | Value                        |
| --------------------- | ---------------------------- |
|Role                   | Client                       |
|Description            | PrivadoVPN_Instance          |
|Enabled                | checked                      |
|Protocol               | UDP                          |
|Port number            |                              |
|Bind address           |                              |
|Remote                 | privado.vpn.io:1194          |
|Depend on (CARP)       | None                         |
|Trust                  |                              |
|  Certificate          | None                         |
|  TLS static key       | None                         |
|Authentication         |                              |
|  Username             | <privado-username>           |
|  Password             | ***************              |
|  Renegotiate time     |                              |
|Routing                |                              |
|  Local Network        |                              |
|  Remote Network       |                              |
|Miscellaneous          |                              |
|  Options              | Nothing Selected             |


I'm new to OPNSense and networking but it seems that I should prevent OPNSense from installing the default route when the Instance is started like the example for Wireguard ?

How to "Disable Routes" for a OpenVPN Instances ?

or Any other guidence would be appreciated.
Title: Re: Unable to get OpenVPN to work for selective routing
Post by: trech on May 13, 2024, 09:25:27 PM
I was able to get this resolved by adding

Miscellaneous > Options >
route-noexec

(I think this is the equivalent to Disable Routes)

(//)
Title: Re: [Solved]Unable to get OpenVPN to work for selective routing
Post by: Madifor on August 21, 2024, 10:51:02 AM
Did you have to export profile again...

I also have the same issue that all traffic is forced to the openvpn server and not only the defined local networks
Text only | Text with Images