Posted: Mon Aug 03, 2009 23:20 Post subject: BUG: openvpn --redirect-gateway does not work (does nothing)
Hi,
I get openvpn to work. It sets all of the vpn routes correctly in the routing table (and this is also shown correctly in the logs).
The problem is with "redirect-gateway". This command is supposed to do 2 things:
1. delete the default gateway
2. and then add the vpn as the default gateway
But it does nothing. There is no output/error in the logs. Nothing. (the vpn routes are set correctly, but not the default gateway).
I have tried with "redirect-gateway" in the vpn client config file and also "--redirect-gateway" on the command line.
However, when I replace the gateway manually it works (deleting the default gateway and then adding the vpn as default gateway on the command line works) (this is with "route del" "route add").
I have this problem on a linksys wrt610n router and also on a PC with the x86 version of dd-wrt (latest 24sp2).
I have searched this forum for the past 4 days, and seen that several other users had the same problem (redirect-gateway not working/doing nothing).
So my questions are:
1. how can I get this to work?
2. does anyone get "redirect-gateway" to work? If so, what version of dd-wrt are you using?
3. is there another way to go around this problem? using the firewall? how? (my wan is on eth0 192.168.0.1 and lan br0 192.168.2.1)
Does not work (it worked on the wrt610n but now doesn's work on the x86 version - and I now need the x86 version because the linksys CPU is to slow for high speed vpn encryption)
Part of the problem is also that I am connecting to a commercial vpn. It's a vpn cloud, so my vpn ip and vpn gateway are changing every time my vpn connection restarts. So, as I don't know the gateway ip in advance I can't setup a startup script to replace the default gateway.
So to me "redirect-gateway" is the best way to go about this. If only it would work.
Here's a crude way of doing it in your firewall script.
ip route change default via $(ip route show dev tun0 | grep via | cut -f3 -d' ') _________________ Read the forum announcements thoroughly! Be cautious if you're inexperienced.
Available for paid consulting. (Don't PM about complicated setups otherwise)
Looking for bricks and spare routers to expand my collection. (not interested in G spec models)
When the vpn connection is dropped, openvpn will automatically reconnect. And when this happens, I will more often than not get new vpn-local ips (local and gateway ips can change)
Is it possible to have this command issued automatically when openvpn reconnects (or when the vpn gateway ip changes)? This would make a nice & complete replacement for "redirect-gateway".
... as this is a router I'd prefer not to have to login to issue the command manually every time this happens.
Try it in your firewall script, if that doesn't work then see http://www.dd-wrt.com/wiki/index.php/Script_Execution _________________ Read the forum announcements thoroughly! Be cautious if you're inexperienced.
Available for paid consulting. (Don't PM about complicated setups otherwise)
Looking for bricks and spare routers to expand my collection. (not interested in G spec models)
