OpenVPN - Split Tunneling

spetrillo · December 28, 2019, 06:39:20 AM

Is it possible to split tunnel if I run the OpenVPN server from my OPNsense firewall?

bartjsmit · December 28, 2019, 10:14:00 AM

Yes, only set the route to your internal LAN to your clients with a push-route and don't use redirect-gateway.

On the OpenVPN server page:

untick 'Redirect Gateway'
under Advanced add:

push "route 192.168.1.0/24"

replace 192.168.1.0/24 with your LAN network and mask.

Bart...

dullibert · May 25, 2021, 10:04:28 AM

Hi,

(sorry to revive this old thread, but it fits well with my issue)

I am using push "route 192.168.99.0/24" to allow remote access through an OpenVPN tunnel to my resources in LAN (NAS, firewall, etc.), but leave all remaining traffic on the client side and not go through the tunnel. It appears to work, but when I dial in this error pops up in the log:

Options error: route parameter network/IP '192.168.99.0/24' must be a valid address

What am I missing?

OpenVPN - Split Tunneling

spetrillo

December 28, 2019, 06:39:20 AM

bartjsmit

December 28, 2019, 10:14:00 AM #1

dullibert

May 25, 2021, 10:04:28 AM #2