Bug #13278
closed
OpenVPN dynamic gateway created incorrectly when not pulling routes or server pushes no routes
0%
Description
IF: I configure OpenVPN client and set the "Don't pull routes" check box
OR
IF: I include the advanced option: pull-filter ignore "redirect-gateway";
THEN:
pfSense creates a gateway entry for the interface that uses the IP address of the interface instead of the gateway address that is handed out by the server.
This stops any policy based routes from working as expected.
However, if I manually create a gateway that uses the proper address, policy based routes work.
Example:
With neither option checked, my routing table has these entries for the ovpnc interface, but ALL traffic is redirected over this tunnel.
Destination Gateway
0.0.0.0/1 10.8.8.1
10.8.8.0/24 10.8.8.1
10.8.8.1 link#13
128.0.0.0/1 10.8.8.1
the dynamic gateway entry shows 10.8.8.1 as the gateway IP address
If I use: pull-filter ignore "redirect-gateway"; the routes added look like this:
Destination Gateway
10.8.8.0/24 10.8.8.1
10.8.8.1 link#13
the dynamic gateway entry uses the "Virtual Address" assigned to the VPN client
Updated by 
Updated by