id summary reporter owner description type status priority milestone component version severity resolution keywords cc 412 persist-tun and redirect-gateway def1 don't work together when multiple remotes are defined sthibault "Hello, We have several servers for robustness. Our clients use our server as a total VPN, with the redirect-gateway def1 option. We initially thought about using the persist-tun option, so as to improve robustness whenever a server falls down. However, it actually makes things worse, because of the following scenario: - client connects to serveur S1 - client adds route to S1 via the local gateway - client adds 0.0.0.0/1 and 128.0.0.0/1 via the tunnel - S1 falls down - client tries to connect to serveur S2 - it fails because trafic to S2 is routed through the tunnel due to the /1 routes. and it only manages to get back to work after a whole restart. So in the end, we can not use the persist-tun option. A way to make it to work would be to not only add the route to S1 via the local gateway, but also the routes to all other remotes of the configuration, so that one can switch between any of them without having to re-setup the tun device." Bug / Defect new minor release 2.4 Networking OpenVPN 2.2.2 (Community Ed) Not set (select this one, unless your'e a OpenVPN developer) plaisthos