Project

General

Profile

Actions

Bug #6482

closed

OpenVPN Redirect Gateway Option Causes GUI Issue

Added by Steve Matos over 8 years ago. Updated over 8 years ago.

Status:
Not a Bug
Priority:
Normal
Assignee:
-
Category:
OpenVPN
Target version:
-
Start date:
06/12/2016
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
Affected Architecture:

Description

When editing the settings for an OpenVPN server and checking off the Redirect Gateway (Force all client generated traffic through the tunnel) option the IPv4 and IPv6 Local Networks text boxes are hidden. Once the settings are saved and you go back into edit the settings again, the check box remains checked, but the two text boxes do not remain hidden. Further clicking and unclicking that checkbox will hide the two fields again.

Note: I am unsure if the text boxes should even be hidden in the first place.

Actions #1

Updated by Phillip Davis over 8 years ago

I think it is right that the Local Network(s) boxes should be hidden.
From what I can see, the Local Network(s) boxes will get shown when:

OpenVPN Server is in tunnel (tun) mode and
NOT using shared key.

Is that the combination you are using?

In that case, the function tuntap_change() gets called last, and switches on Local Network(s) boxes. (after gwredir_change() was called and would have hidden them). The code needs to be a bunch smarter to realize more combinations of parameters that go towards deciding if the boxes need to be shown or hidden.

Actions #2

Updated by Steve Matos over 8 years ago

Yes, I'm using tun and Remote Access (SSL/TLS + User Auth).

It also appears that the redirect gateway option doesn't work for IPv6. See here: https://redmine.pfsense.org/issues/6483
I had to add something like push "route-ipv6 2000::/3"; to my custom options to get IPv6 to work, but that's kind of a hack.

Actions #3

Updated by Chris Buechler over 8 years ago

  • Status changed from New to Not a Bug
  • Affected Version deleted (2.3.1)

that is correct, though it should be protocol-specific. something to be addressed as part of #6483, added note there.

Actions

Also available in: Atom PDF