
OpenVPN routing issue


I've installed bt4 onto a USB key with encrypted partitions etc., and I want it to establish an OpenVPN connection to outside the host network on boot.

The scenario I want to avoid is that the thing fails to establish a VPN and then starts broadcasting traffic, which I want to go only down the tunnel, to the local subnet / out the subnet's default route unencrypted.

So far what I've done is set the default route of the box when booted to its own IP, so it can't ever figure out how to get out onto the net, then added a single static route out to my preferred OpenVPN server via a working default route for the subnet.

It fires up and establishes the tunnel to the OpenVPN server, but when the session starts OpenVPN adds a load of routes into the routing table, including one for how to route to the OpenVPN server, but which uses the bad system default route (which goes nowhere) and which overrides the correct static route I've put in.

How can I stop OpenVPN overwriting my static route?

I tried doing a sh route del badroute at the bottom of the config, but that's too early and runs before the routing gets added...

I had it working like this on an earlier machine running Fedora natively, but can't see what I've done differently this time config-wise.

Any ideas? A better way to approach blackholing it rather than starting off with a bad default route?

I could run off a script that del's the routes added after establishing, but how can I trigger that from the OpenVPN sequence at the right time? If the route is left in, it times out and drops the tunnel, so it has a small window to run in.

Edited by MrFluffy
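
Added example, not part of the original post or of OpenVPN itself: a hook script for OpenVPN's `route-up` directive, which runs after OpenVPN has installed its routes, that re-pins the host route to the VPN server via the working LAN gateway and then checks the result. The script path, the addresses and the interface name are constructed placeholders, and the hook assumes the iproute2 `ip` command is available.

```shell
#!/bin/sh
# Added example: route-up hook that re-pins the host route to the VPN server.
# Enable it in the client config with two OpenVPN directives:
#   script-security 2
#   route-up /etc/openvpn/pin-server-route.sh    (hypothetical path)
VPN_SERVER="${VPN_SERVER:-203.0.113.10}"   # OpenVPN server (placeholder)
LAN_GW="${LAN_GW:-192.168.1.1}"            # working gateway on the host subnet
LAN_DEV="${LAN_DEV:-eth0}"                 # physical interface (placeholder)

# Accept only dotted-quad IPv4 so nothing unexpected reaches the ip command.
valid_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Print the command that forces the server's /32 out via the real gateway.
# "replace" overwrites a host route that was installed via the dead default.
pin_cmd() {
    valid_ipv4 "$1" && valid_ipv4 "$2" || return 1
    printf 'ip route replace %s/32 via %s dev %s\n' "$1" "$2" "$3"
}

# Check one line of `ip route get <server>` output: the server must be
# reached via the LAN gateway on the physical interface, not a tun device.
route_ok() {
    case "$1" in
        *" via $2 dev $3 "*|*" via $2 dev $3") return 0 ;;
        *) return 1 ;;
    esac
}

# Act only when OpenVPN runs this as the route-up hook (it sets script_type).
if [ "${script_type:-}" = "route-up" ]; then
    cmd=$(pin_cmd "$VPN_SERVER" "$LAN_GW" "$LAN_DEV") || exit 1
    $cmd || exit 1
    route_ok "$(ip route get "$VPN_SERVER" | head -n 1)" "$LAN_GW" "$LAN_DEV" \
        || { echo "route to VPN server is still wrong" >&2; exit 1; }
fi
```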
