OPNsense Forum
Archive => 18.1 Legacy Series => Topic started by: netgeek on May 07, 2018, 08:06:22 am
-
I have a peer-to-peer OpenVPN tunnel between two sites. It works fine, with an exception. If I make the IPv4 tunnel network a /29 or larger, the route gets added correctly:
root@opn:~ # netstat -rna | grep 172.16.1.0
172.16.1.0/29 172.16.1.2 UGS ovpns1
However, if I make the IPv4 tunnel network a /30 (which is all that's needed for a point-to-point VPN), oddness occurs:
root@opn:~ # netstat -rna | grep 172.16.1.0
172.16.1.0&0xac100102 172.16.1.2 UGS ovpns1
This ends up sending all 172/8 traffic across the tunnel, and possibly more.
I'm running OPNsense 18.1.7. Suggestions?
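Added example, not part of the original post: `&0x...` is how netstat prints a mask that is not a contiguous prefix, and 0xac100102 is 172.16.1.2, the same value as the gateway column. The script below parses the two quoted route lines, flags the non-contiguous mask, and tests which destinations such a route would capture. It assumes the kernel matches a destination when (dst & mask) == (net & mask); all function names are hypothetical.

```python
import ipaddress
import re

# Constructed sample input: the two route lines quoted in the post above.
NETSTAT_LINES = """\
172.16.1.0/29 172.16.1.2 UGS ovpns1
172.16.1.0&0xac100102 172.16.1.2 UGS ovpns1
"""

ROUTE_RE = re.compile(
    r"^(\d+\.\d+\.\d+\.\d+)(?:/(\d+)|&0x([0-9a-fA-F]+))\s+(\S+)\s+(\S+)\s+(\S+)")

def is_contiguous(mask: int) -> bool:
    """True when the 32-bit mask is a run of 1 bits followed only by 0 bits."""
    inverted = ~mask & 0xFFFFFFFF
    return inverted & (inverted + 1) == 0

def parse_route(line: str):
    """Return (network_int, mask_int, gateway, netif), or None for other lines."""
    m = ROUTE_RE.match(line.strip())
    if not m:
        return None
    net = int(ipaddress.IPv4Address(m.group(1)))
    if m.group(2) is not None:          # CIDR form, e.g. /29
        mask = (0xFFFFFFFF << (32 - int(m.group(2)))) & 0xFFFFFFFF
    else:                               # netstat's net&0xmask form
        mask = int(m.group(3), 16)
    return net, mask, m.group(4), m.group(6)

def route_matches(route, dst: str) -> bool:
    """Assumed kernel rule: dst matches when (dst & mask) == (net & mask)."""
    net, mask, _, _ = route
    return (int(ipaddress.IPv4Address(dst)) & mask) == (net & mask)

def audit(text: str):
    """Return one finding per route whose mask is not a contiguous prefix."""
    findings = []
    for line in text.splitlines():
        route = parse_route(line)
        if route and not is_contiguous(route[1]):
            net, mask, gw, netif = route
            findings.append({"network": str(ipaddress.IPv4Address(net)),
                             "mask": str(ipaddress.IPv4Address(mask)),
                             "gateway": gw, "netif": netif})
    return findings

if __name__ == "__main__":
    for finding in audit(NETSTAT_LINES):
        print("non-contiguous mask:", finding)
```

Feeding the output of `netstat -rn` into `audit()` after a VPN configuration change gives a quick check that no tunnel route has picked up a mask like this.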
-
Try setting topology to p2p in the server config file. From the OpenVPN man page:
p2p -- Use a point-to-point topology where the remote endpoint of the client's tun interface always points to the local endpoint of the server's tun interface. This mode allocates a single IP address per connecting client. Only use when none of the connecting clients are Windows systems.
Bart...
-
This feels more like a bug. The same config works fine on pfSense.