Project

General

Profile

Actions

Bug #11448

closed

Incorrect order of ``route-nopull`` option in OpenVPN client-specific override configuration

Added by Viktor Gurov almost 4 years ago. Updated over 3 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Viktor Gurov
Category:
OpenVPN
Target version:
Start date:
02/18/2021
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
Release Notes:
Default
Affected Version:
2.5.0
Affected Architecture:

Description

https://openvpn.net/faq/overriding-a-pushed-route-in-the-clients-config-throws-an-error/:
When connecting to server that pushes routes using this:

...
# Pushed routes
push "route 10.1.0.0 255.255.255.0" 

and when the client overrides them in its config:
...
# Options
client
route-nopull
route 10.1.0.0 255.255.255.128
route-metric 50

...
This works but the client’s log have this:
Options error: option 'route' cannot be used in this context

This issue materializes because “route-nopull” option takes away the permission from the client to install server-pushed routes, effectively telling the option parser “no, this option is not valid here”.

The way to configure it correctly is then:

...
# Options
client
route 10.1.0.0 255.255.255.128
route-metric 50
route-nopull

The "route-nopull" option must be placed after the entered "Custom options" to avoid this error

Actions #1

Updated by Jim Pingle almost 4 years ago

  • Target version set to CE-Next
Actions #3

Updated by Jim Pingle almost 4 years ago

  • Status changed from New to Pull Request Review
Actions #4

Updated by Renato Botelho almost 4 years ago

  • Status changed from Pull Request Review to Feedback
  • Assignee set to Viktor Gurov

PR has been merged. Thanks!

Actions #5

Updated by Viktor Gurov almost 4 years ago

  • % Done changed from 0 to 100
Actions #6

Updated by Jim Pingle almost 4 years ago

  • Status changed from Feedback to Waiting on Merge
  • Target version changed from CE-Next to 2.5.1
Actions #7

Updated by Renato Botelho almost 4 years ago

  • Status changed from Waiting on Merge to Feedback

Cherry-picked to RELENG_2_5_1

Actions #8

Updated by Pippin MMD almost 4 years ago

This can be prevented by implementing https://redmine.pfsense.org/issues/10347

Actions #9

Updated by Jim Pingle almost 4 years ago

  • Subject changed from Overriding a pushed “route” with the "route-nopull" option to Incorrect order of ``route-nopull`` option in OpenVPN client-specific override configuration

Updating subject for release notes.

Actions #10

Updated by Jim Pingle over 3 years ago

  • Status changed from Feedback to Closed
Actions

Also available in: Atom PDF