Ignoring redirect-gateway

Started by tbone56, January 13, 2026, 02:46:50 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
January 13, 2026, 02:46:50 PM
I am using OpenVPN with IPVanish. 
The VPN is connected.

I am getting this error in the VPN logfile:
Options error: option 'redirect-gateway' cannot be used in this context ([PUSH-OPTIONS])

I found this entry in the OPNSense Wiki:
Ignoring redirect-gateway
If you are running OpenVPN as a client, and the server you use is using push "redirect-gateway" then your client redirects all internet traffic over the VPN. Sometimes clients do not want this, but they can not change the server's configuration. This page explains how to override redirect-gateway so the client does not need to redirect internet even though the server says to.

Method 1: filter the pushed option
Add the following option to the client

--pull-filter ignore redirect-gateway
This requires version 2.4 or higher and is the preferred method. For older versions use one of the methods described below.
---------------------------------------
My first question is: Will this be a solution to my error?
My second question is where (what file, what screen, etc) do I put that line?
IPVanish provides a .opvn file that I reference in the OpenVPN setup.
I have edited that file with auth-nocache to try and remove another error, but it didn't make any difference.

Thanks.


January 13, 2026, 06:50:10 PM #1
Quote from: tbone56 on January 13, 2026, 02:46:50 PMIPVanish provides a .opvn file that I reference in the OpenVPN setup.
Possibly you did something wrong and the client configuration is conflicting with the server now.

Quote from: tbone56 on January 13, 2026, 02:46:50 PMMy first question is: Will this be a solution to my error?
My second question is where (what file, what screen, etc) do I put that line?
You can enable the "route-nopull" option. Then the client should ignore this. But this depends on what you want to achieve.

If you want to route all upstream traffic over the VPN automatically when it is connected to the server, you should not enable this option.
Today at 12:54:07 AM #2
My goal is to route all upstream traffic over the VPN automatically.
I am rebuilding the box opnsense is running on, so I will attempt to reconstruct it.
Thank you for the response viragomann.
Today at 09:07:03 AM #3
Quote from: tbone56 on Today at 12:54:07 AMMy goal is to route all upstream traffic over the VPN automatically.
So if you don't enable "route-nopull" and "route-noexec", OpenVPN should route all traffic over the VPN automatically.
And I don't expect to see the above error message in log then.

With "route-nopull" enabled, I get the same error though, but the VPN works as expected anyway. I specified certain remote networks to route traffic to the VPN server.
Print
Go Up Pages1
User actions