Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Messages - toggenation

Pages1
#1
Virtual private networks / Re: Exclude some local subnets from OpenVPN tunnel
Today at 12:26:35 AM
Can get the result wanted by adding the following to the .ovpn file you give to the client

Code Select
redirect-gateway def1 ipv6
route 10.19.80.0 255.255.255.0 net_gateway
#2
Virtual private networks / Exclude some local subnets from OpenVPN tunnel
June 09, 2026, 06:09:39 AM

On OPNsense 26.1.9 my OpenVPN server pushes a route to make both IPv4 and IPv6 the default gateway. So all traffic goes over the tunnel.

Code Select
route push "redirect-gateway def1 ipv6"
I would create an exclusion to cause the OpenVPN client to send some traffic to the local gateway instead of the OpenVPN tunnel

How do I achieve keeping the tunnel as the default gateway and excluding traffic for some subnets from entering the tunnel?

In the past I would have pushed a custom route to the client as follows:
Code Select
route push "10.19.80.0 255.255.255.0 net_gateway"
I've looked at CSO (Client Specific Overrides) and there doesn't appear to be a custom settings field to allow it. (from memory this used to be available before the update to the new instance configuration GUI)

Pages1