"
I just got this working using a fresh OPNsense install (18.1.6). In the VPN client configuration, you definitely want to leave "Don't pull routes" unchecked and check "Don't add/remove routes".
I do have the DNS problem that some people mentioned, though. Basically, from the machine I'm forcing to go through the VPN tunnel, I am able to ping addresses on the Internet, but DNS look-ups fail.
Using Wireshark, I see the DNS requests go out from the client to OPNsense, but I never see a reply.
In the OPNsense log, I see the DNS request come in from the client, and then a DNS reply seems to come from the OpenVPN client IP assigned to the interface.
If I manually configure my client machine to use another DNS server (e.g. 8.8.8.8), then everything works.
I'm using the default DNS server - "Unbound DNS" - so the next thing I'll be trying is to use Dnsmasq instead.
I do have the DNS problem that some people mentioned, though. Basically, from the machine I'm forcing to go through the VPN tunnel, I am able to ping addresses on the Internet, but DNS look-ups fail.
Using Wireshark, I see the DNS requests go out from the client to OPNsense, but I never see a reply.
In the OPNsense log, I see the DNS request come in from the client, and then a DNS reply seems to come from the OpenVPN client IP assigned to the interface.
If I manually configure my client machine to use another DNS server (e.g. 8.8.8.8), then everything works.
I'm using the default DNS server - "Unbound DNS" - so the next thing I'll be trying is to use Dnsmasq instead.
