Topic: problem with /30 and peer-to-peer OpenVPN tunnel (Read 3253 times)
netgeek
on: May 07, 2018, 08:06:22 am
I have a peer-to-peer OpenVPN tunnel between two sites. It works fine, with an exception. If I make the IPv4 tunnel network a /29 or larger, the route gets added correctly:
root@opn:~ # netstat -rna | grep 172.16.1.0
172.16.1.0/29 172.16.1.2 UGS ovpns1
However, if I make the IPv4 tunnel network a /30 (which is all that's needed for a point to point VPN), oddness occurs:
root@opn:~ # netstat -rna | grep 172.16.1.0
172.16.1.0&0xac100102 172.16.1.2 UGS ovpns1
This ends up sending all 172/8 traffic across the tunnel, and possibly more.
I'm running OPNsense 18.1.7. Suggestions?
Logged
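An added example (not from the thread or the OPNsense project) for auditing a routing table for entries like the one quoted above. It assumes the `&0x…` suffix is netstat's hexadecimal rendering of a netmask that is not a contiguous prefix; it flags such routes and tests which destinations they capture. The function names and probe addresses are constructed for illustration.

```python
import ipaddress

# The two route lines quoted in the post above (netstat -rna output).
SAMPLE = """\
172.16.1.0/29 172.16.1.2 UGS ovpns1
172.16.1.0&0xac100102 172.16.1.2 UGS ovpns1
"""

def to_int(addr):
    return int(ipaddress.IPv4Address(addr))

def parse_route(line):
    """Return (network, mask, gateway, netif) as ints/strings, or None if not an IPv4 net route."""
    fields = line.split()
    if len(fields) < 4:
        return None
    dest, gateway, _flags, netif = fields[:4]   # column order as in the quoted lines
    try:
        if "&" in dest:                          # assumed form: address&0x<hex netmask>
            addr, hexmask = dest.split("&", 1)
            mask = int(hexmask, 16)
        elif "/" in dest:                        # CIDR form: address/prefixlen
            addr, plen = dest.split("/", 1)
            mask = (0xFFFFFFFF << (32 - int(plen))) & 0xFFFFFFFF
        else:
            return None                          # "default", host routes, headers
        return to_int(addr) & mask, mask, gateway, netif
    except ValueError:                           # IPv6 or malformed fields
        return None

def is_contiguous(mask):
    """True when the mask is a run of 1-bits followed only by 0-bits."""
    inverted = ~mask & 0xFFFFFFFF
    return inverted & (inverted + 1) == 0

def route_matches(route, addr):
    """Longest-prefix lookup's per-route test: (addr & mask) == network."""
    network, mask = route[0], route[1]
    return to_int(addr) & mask == network

def audit(text):
    """Return (destination, mask in dotted form) for every route with a non-contiguous mask."""
    routes = [(ln.split()[0], parse_route(ln)) for ln in text.splitlines() if ln.strip()]
    return [(dest, str(ipaddress.IPv4Address(r[1])))
            for dest, r in routes if r and not is_contiguous(r[1])]

if __name__ == "__main__":
    for dest, mask in audit(SAMPLE):
        print(f"non-contiguous mask on {dest}: mask decodes to {mask}")
    bad = parse_route(SAMPLE.splitlines()[1])
    for probe in ("172.16.1.1", "172.16.1.2", "172.17.3.5", "10.0.0.1"):  # constructed probes
        print(probe, "matched" if route_matches(bad, probe) else "not matched")
```

Run against a full `netstat -rn` dump, `audit()` skips lines it cannot parse and returns only the routes whose mask is not a valid prefix.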
bartjsmit
Reply #1 on: May 07, 2018, 10:55:27 am
Try setting topology to p2p in the server config file. From the OpenVPN man page:
p2p -- Use a point-to-point topology where the remote endpoint of the client's tun interface always points to the local endpoint of the server's tun interface. This mode allocates a single IP address per connecting client. Only use when none of the connecting clients are Windows systems.
Bart...
netgeek
Reply #2 on: May 07, 2018, 03:30:37 pm
This feels more like a bug. The same config works fine on pfSense.