[solved] openvpn client keeps overwriting default gateway after update to 19.7

[guest21564]

Hi,
I am using an OpenVPN to unite all controlled routers in one virtual private network (for management purposes). The problem is:
After upgrade to 19.7, suddenly,  when openvpn-client connects to the server, it is setting default route to 10.8.0.1 (openvpn), but the openvpn-server is pushing:
route 10.8.0.0 255.255.255.0

Code: [Select]

ipv4 default 10.8.0.1 UGS 168 1500 ovpnc1 N**D_VPN
ipv4 8.8.8.8 192.168.0.1 UGHS 53 1500 bge1 WAN
ipv4 127.0.0.1 link#3 UH 1905 16384 lo0
ipv4 192.168.0.0/24 link#2 U 10857 1500 bge1 WAN
ipv4 192.168.0.3 link#2 UHS 0 16384 lo0
ipv4 192.168.1.0/24 link#1 U 27296 1500 bge0 LAN
ipv4 192.168.1.1 link#1 UHS 0 16384 lo0
ipv6 ::1 link#3 UH 0 16384 lo0
ipv6 fe80::%bge0/64 link#1 U 0 1500 bge0 LAN
ipv6 fe80::2e0:b6ff:fe15:fe9a%bge0 link#1 UHS 0 16384 lo0
ipv6 fe80::%bge1/64 link#2 U 0 1500 bge1 WAN
and before the upgrade everything was fine.

Other problem is when I disconnect from the openvpn server, opnsense does not restore the default route automatically, so I have to do it manually by navigating to the System->Routes->Configuration and press apply.

Code: [Select]

ipv4 8.8.8.8 192.168.0.1 UGHS 29 1500 bge1 WAN
ipv4 127.0.0.1 link#3 UH 1857 16384 lo0
ipv4 192.168.0.0/24 link#2 U 10833 1500 bge1 WAN
ipv4 192.168.0.3 link#2 UHS 0 16384 lo0
ipv4 192.168.1.0/24 link#1 U 26528 1500 bge0 LAN
ipv4 192.168.1.1 link#1 UHS 0 16384 lo0
ipv6 ::1 link#3 UH 0 16384 lo0
ipv6 fe80::%bge0/64 link#1 U 0 1500 bge0 LAN
ipv6 fe80::2e0:b6ff:fe15:fe9a%bge0 link#1 UHS 0 16384 lo0
ipv6 fe80::%bge1/64 link#2 U 0 1500 bge1 WAN
Openvpn-client ignores "route-nopull" and other options...

But, if I clone the openvpn-client configuration and trying to connect using cloned configuration and not assigned ovpncN interface, it works as expected!

Code: [Select]

ipv4 default 192.168.0.1 UGS 85 1500 bge1 WAN
ipv4 8.8.8.8 192.168.0.1 UGHS 172 1500 bge1 WAN
ipv4 10.8.0.1 link#11 UH 0 1500 ovpnc5 (<------ new unassigned interface)
ipv4 10.8.0.6 link#11 UHS 0 16384 lo0
ipv4 127.0.0.1 link#3 UH 1911 16384 lo0
ipv4 192.168.0.0/24 link#2 U 11413 1500 bge1 WAN
ipv4 192.168.0.3 link#2 UHS 0 16384 lo0
ipv4 192.168.1.0/24 link#1 U 29506 1500 bge0 LAN
ipv4 192.168.1.1 link#1 UHS 0 16384 lo0
ipv6 ::1 link#3 UH 0 16384 lo0
So, if the openvpn interface is not assigned in the Interfaces -> Assignments, then when openvpn-client enabled, it acts as expected. But if I assign the openvpn interface, then when openvpn-client enabled, acts as described at the beginning.

I have already upgraded successfully 20 machines before I found out what is going.


Edit: I finally fixed the problem: I removed all manually created entries in the System:Gateways:Single (there were a lot of unknown and duplicated entries for some reason?) and I set the "Upstream Gateway" option for the default interface (it was set previously). Then, I reassigned all interfaces again.