Opened 6 years ago
Last modified 6 years ago
#1004 new Bug / Defect
VPN routes stay intact when changed local network but can't reconnect to VPN from that new local network
| Reported by: | teneri | Owned by: | |
|---|---|---|---|
| Priority: | major | Milestone: | |
| Component: | Generic / unclassified | Version: | |
| Severity: | Not set (select this one, unless your'e a OpenVPN developer) | Keywords: | |
| Cc: |
Description
VPN routes stay intact when changed local network but can't reconnect to VPN from that new local network.
So the situation is the following:
# You connect from home network to office VPN network from your laptop.
# Then you suspend the laptop, take to the office, resume it from sleep.
*Current result:*
You can't connect to machines in office network. The pushed route is still set up though VPN client can't to office VPN anymore.
Sending HUP signal to openvpn client fixes the problem but probably sending signal after each resume from sleep is not the optimal choice.
*Expected result:*
Routes are not present after resume.
Or how should I change the configuration to suit my needs best (e.g. apply pushed route's metric to be higher?)
Change History (4)
comment:1 Changed 6 years ago by
comment:2 Changed 6 years ago by
The workaround is to push metric (along with route). So add this to server configuration:
push "route-metric 700"
comment:4 Changed 6 years ago by
Ubuntu 17.10.
# openvpn --version OpenVPN 2.4.3 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Jul 3 2017 library versions: OpenSSL 1.0.2g 1 Mar 2016, LZO 2.08 Originally developed by James Yonan Copyright (C) 2002-2017 OpenVPN Technologies, Inc. <sales@openvpn.net> Compile time defines: enable_async_push=no enable_comp_stub=no enable_crypto=yes enable_crypto_ofb_cfb=yes enable_debug=yes enable_def_auth=yes enable_dependency_tracking=no enable_dlopen=unknown enable_dlopen_self=unknown enable_dlopen_self_static=unknown enable_fast_install=needless enable_fragment=yes enable_iproute2=yes enable_libtool_lock=yes enable_lz4=yes enable_lzo=yes enable_maintainer_mode=no enable_management=yes enable_multi=yes enable_multihome=yes enable_pam_dlopen=no enable_pedantic=no enable_pf=yes enable_pkcs11=yes enable_plugin_auth_pam=yes enable_plugin_down_root=yes enable_plugins=yes enable_port_share=yes enable_selinux=no enable_server=yes enable_shared=yes enable_shared_with_static_runtimes=no enable_silent_rules=no enable_small=no enable_static=yes enable_strict=no enable_strict_options=no enable_systemd=yes enable_werror=no enable_win32_dll=yes enable_x509_alt_username=yes with_aix_soname=aix with_crypto_library=openssl with_gnu_ld=yes with_mem_check=no with_sysroot=no
Server configuration: