OpenVPN as default gateway does not get set at boot time
I have an OpenVPN gateway configured as my default gateway with a static route in place to ensure the VPN connects via the WAN interface. This has always worked without issue. After updating from 2.5.2 to 2.6 the default gateway needs to be reapplied after reboots to allow pfSense to fetch system and package updates. The system seems to not use any gateway after a reboot when an OpenVPN gateway is used as a default gateway.
Updated by Jim Pingle 3 months ago
- Subject changed from Default gateway doesn't persist after reboot. to OpenVPN as default gateway does not get set at boot time
I can reproduce this on snapshots if I set an OpenVPN gateway as default directly, but there is a workaround.
Create a gateway group including the VPN gateway on the first tier and then use that gateway group as your default gateway. With the default configured as the gateway group, the default gateway is set to the VPN at boot.
Updated by Kris Phillips 3 months ago
It appears that some states can get established out the default GW on boot as well. I have a OpenVPN client and have configured it as an interface with policy routing to send certain traffic out the gateway and, upon a full system reboot, I see states ignoring the policy routing until I manually kill the states or let them "age out". This is in spite of the fact that I have a deny rule above. I also have the option for states to be reset on gateway failover events turned on.