OpenVPN - Client Overrides - Tunnel Network, no routing

[inuleki]

Hello,

on my OPNSense, I have 3 interfaces:

• WAN
• LAN
• DirtyNetwork

I setup OpenVPN Server:

• Tunnel Network 10.0.5.0/24
• Local Network 172.16.8.0/24,192.168.179.0/24
• Firewall Rules allow all traffic

When connecting, I can reach all Networks

I setup Client Specific Override that changes only

• Tunnel Network 10.0.15.0/24

When connecting, I cannot reach any Network.

When I check System - Routes - Status, I do not find any route to 10.0.15.0/24

When I check the firewall logs, I see packets hitting the firewall of the OPNSense from my client. I assume the System does not know the route back to 10.0.15.0/24.

When I try to add a route manually, I cannot choose the OpenVPN as the Gateway.

Does anyone have an idea what I am doing wrong ?

[tiermutter]

In client specific overrides you must not define a net out of the VPN server's one.
You must define a host address or a network that fits into the server's range (tunnel network).