Ubuntu – Adding route on client using OpenVPN

openvpn routing

So this is my setup.
Laptop Running Ubuntu
OpenVPN version 2.3.2

I connect to an OpenVPN server that connects to an off-site network.

I get the OpenVPN client running and I can ping the VPN server. The server doesn't push any routes so I need to route on the client.

Adding the off-site networks to route to the VPN server so that I can access the off-site network.

So the problem I have is that my requests don't jump from the 192.168.0.1 network to the off-site 172...* one… Can I do anything about that on my client?
I don't have any ownership of the server and routes are not pushed from the server now; in the future I don't know.

    tun0      Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
          inet addr:10.242.2.6  P-t-P:10.242.2.5  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:100 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:0 (0.0 B)  TX bytes:12129 (12.1 KB)

    wlan1     Link encap:Ethernet  HWaddr 5c:93:a2:a0:6e:1b
          inet addr:10.101.7.41  Bcast:10.101.31.255  Mask:255.255.224.0
          inet6 addr: fe80::5e93:a2ff:fea0:6e1b/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:355109 errors:0 dropped:0 overruns:0 frame:0
          TX packets:206832 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:454685028 (454.6 MB)  TX bytes:23942624 (23.9 MB)

    Kernel IP routing table
    Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
    0.0.0.0         10.101.0.1      0.0.0.0         UG        0 0          0 wlan1
    10.101.0.0      0.0.0.0         255.255.224.0   U         0 0          0 wlan1
    10.242.2.1      10.242.2.5      255.255.255.255 UGH       0 0          0 tun0
    10.242.2.5      0.0.0.0         255.255.255.255 UH        0 0          0 tun0
    192.168.0.0     10.242.2.5      255.255.255.0   UG        0 0          0 tun0
    192.168.82.0    10.242.2.5      255.255.255.0   UG        0 0          0 tun0

Best Answer

Looking at your routing table, there is no explicit route telling traffic to 172...*, as you call it, to be sent to the VPN tun interface.

You have several options:

  1. If you have access to the OpenVPN server, add this directive to the OpenVPN config:

    push "redirect-gateway def1 bypass-dhcp"
    

    This setting will route/force all traffic to pass through the VPN. The other alternative you have is to add a static route yourself on the client side.

  2. Add the route manually on the client side in a terminal:

    sudo route add -net 172.16.0.0/24 dev tun0
    
  3. OpenVPN has a directive for adding and removing routes client side in your OpenVPN config file, with the route option.

    Adding:

    route 172.16.0.0 255.255.255.0
    

    to your OpenVPN config file on the VPN client will add the route automatically when you connect.

  4. Bonus: OpenVPN also has an up/down directive that allows you to launch a script on connect to the VPN. This allows you to do any custom action like setting DNS, routes etc. But it requires you to store the commands to execute in another file.

    So if you add the following to your OpenVPN client config file:

    # Level 2 allows OpenVPN to call user-defined scripts
    script-security 2
    up run-stuff-after-vpn-connect.sh
    

    Create a file named run-stuff-after-vpn-connect.sh (make sure it has execute permissions) and add:

    #!/bin/sh
    route add -net 172.16.0.0/24 dev tun0
    

    This will add the route as soon as the tunnel is up.


Since you didn't give us the full declaration of your subnet in your question, I'm assuming it's 172.16.0.0/24.
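
An added example, not part of the original answer: a longest-prefix-match lookup over the `route -n` table from the question, showing which interface each destination leaves by before and after the static route exists. The host addresses and the function names are constructed for illustration, and 172.16.0.0/24 is the subnet the answer assumes.

```python
import ipaddress

# `route -n` output copied from the question above.
ROUTE_N = """\
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
0.0.0.0         10.101.0.1      0.0.0.0         UG        0 0          0 wlan1
10.101.0.0      0.0.0.0         255.255.224.0   U         0 0          0 wlan1
10.242.2.1      10.242.2.5      255.255.255.255 UGH       0 0          0 tun0
10.242.2.5      0.0.0.0         255.255.255.255 UH        0 0          0 tun0
192.168.0.0     10.242.2.5      255.255.255.0   UG        0 0          0 tun0
192.168.82.0    10.242.2.5      255.255.255.0   UG        0 0          0 tun0
"""

def parse_routes(text):
    """Turn `route -n` output into (network, gateway, iface) tuples."""
    routes = []
    for line in text.splitlines():
        f = line.split()
        if len(f) != 8 or f[0] == "Destination":
            continue  # skip the title and column-header lines
        routes.append((ipaddress.ip_network(f"{f[0]}/{f[2]}"), f[1], f[7]))
    return routes

def egress(routes, dst):
    """Interface chosen for dst by longest-prefix match, or None if unroutable."""
    addr = ipaddress.ip_address(dst)
    hits = [r for r in routes if addr in r[0]]
    return max(hits, key=lambda r: r[0].prefixlen)[2] if hits else None

def outside_tunnel(routes, hosts, tun="tun0"):
    """Hosts meant for the VPN that would leave via another interface."""
    return [h for h in hosts if egress(routes, h) != tun]

if __name__ == "__main__":
    routes = parse_routes(ROUTE_N)
    # Constructed sample hosts; 172.16.0.10 sits in the assumed subnet.
    hosts = ["192.168.0.5", "192.168.82.20", "172.16.0.10"]
    print("before:", outside_tunnel(routes, hosts))
    # Table entry equivalent to `route add -net 172.16.0.0/24 dev tun0`.
    routes.append((ipaddress.ip_network("172.16.0.0/24"), "0.0.0.0", "tun0"))
    print("after: ", outside_tunnel(routes, hosts))
```

Until the route is added, 172.16.0.10 only matches the default route and leaves through wlan1, outside the tunnel; on a live system `ip route get 172.16.0.10` reports the same decision.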
