
OpenVPN - Site to Site

  • OpenVPN - Site to Site

    I have been using OpenVPN to create a site to site connection between my house and my parents' for upwards of 5 years, maybe longer, using Untangle at both ends.
    The server at my house acts as the server, my parents as the client.
    The user the client connects to is configured as "network" and specifies "" as the address space. This has been working flawlessly until very recently.

    It now appears that all internet-bound traffic from the client site is being routed through the server site.
    Much like the function the Tunnel VPN app would provide.
    I do have the Tunnel VPN app installed and running, but it is connected to a different server, and there it isn't even configured to route all traffic like that. Just a specific subnet.

    On the route table when OpenVPN is enabled and connected the following route is being added: via dev tun1 (xxx's being the VPN IP assigned by server side)

    I am sure this route was never added before, and I see no option anywhere within the OpenVPN config on either server or client side to add this. I didn't think this was something the OpenVPN app could do, hence the Tunnel VPN app.

    To add, disabling the Tunnel VPN app makes no difference.

    The Site-to-Site traffic still works fine, so both sides can reach each other. It's just this unexpected and unwanted tunneling of internet traffic I want to address and disable.

    Appreciate any pointers.

    Server and client are on version: 16.2.20230109T075831.1bb35db54e-1bullseye

  • #2
    I just solved this.

    Seems on the "groups" tab on the server side, the default group is for "full tunnel" and "push DNS".

    I am not sure if this is new? I have however never configured a group before.

    I just created a new group and called it "Split Tunnel", then assigned it to the client for my parents' VPN user. Now that route isn't added to the route table, and internet traffic stays local.
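
A way to check a client site's route table for the full-tunnel condition described in this thread, as an added example that is not part of the original posts or of Untangle's own code. It assumes the "full tunnel" group is implemented with OpenVPN's `redirect-gateway def1` option, which installs `0.0.0.0/1` and `128.0.0.0/1` routes through the tunnel device; the sample route table, addresses and function names are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample of `ip -4 route show` output on a client site (not from
# the thread). 10.8.0.x is a made-up tunnel range; 192.168.x.x are made-up LANs.
SAMPLE_ROUTES = """\
default via 192.168.2.1 dev eth0
0.0.0.0/1 via 10.8.0.1 dev tun1
128.0.0.0/1 via 10.8.0.1 dev tun1
10.8.0.0/24 dev tun1 proto kernel scope link src 10.8.0.6
192.168.1.0/24 via 10.8.0.1 dev tun1
192.168.2.0/24 dev eth0 proto kernel scope link src 192.168.2.1
"""

TUN_DEV = re.compile(r"\bdev (tun\d+)\b")


def full_tunnel_routes(route_table, max_prefixlen=1):
    """Return (destination, device) for routes that push at least half of the
    IPv4 address space into a tun device: a default route, or the
    0.0.0.0/1 + 128.0.0.0/1 pair that redirect-gateway def1 installs."""
    hits = []
    for line in route_table.splitlines():
        fields = line.split()
        dev = TUN_DEV.search(line)
        if not fields or not dev:
            continue  # blank line, or route not bound to a tunnel device
        dest = "0.0.0.0/0" if fields[0] == "default" else fields[0]
        try:
            net = ipaddress.ip_network(dest, strict=False)
        except ValueError:
            continue  # route types such as "blackhole" or "unreachable"
        if net.version == 4 and net.prefixlen <= max_prefixlen:
            hits.append((str(net), dev.group(1)))
    return hits


def is_split_tunnel(route_table):
    """True when only specific subnets (e.g. the remote LAN) use the tunnel."""
    return not full_tunnel_routes(route_table)


if __name__ == "__main__":
    for dest, dev in full_tunnel_routes(SAMPLE_ROUTES):
        print(f"internet-bound traffic captured: {dest} via {dev}")
```

Run against the real table by passing the output of `ip -4 route show` to `full_tunnel_routes`; the site-to-site route to the remote LAN is deliberately not flagged.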