OpenVPN Fusion route tables

  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

shinji14

New Around Here
I'm using asus fusion openvpn
I want an ip to not go trough the vpn so I added a route to the config

route [desired ip] 255.255.255.255 [wan ip]

But if I do a tracert from the client to [desired ip] is still using the vpn.

What I'm doing wrong?
 

eibgrad

Very Senior Member
I assume you mean destination IP (route commands *only* apply to destination IPs).

The route command requires the WAN's default gateway, NOT its public IP. And you do NOT specify that default gateway directly in the route command. You specify it indirectly using the net_gateway reserved word. OpenVPN will then replace it w/ the actual default gateway of the WAN at runtime.

Code:
route 1.2.3.4 255.255.255.255 net_gateway
 

shinji14

New Around Here
Yes, I also tried that.
Im sorry i didn’t explain it correctly.

i.e i want to reach 8.8.8.8 from client 192.168.29.2.
route 8.8.8.8 255.255.255.255 net_gateway

but doing a tracert 8.8.8.8 from the client shows is going trough the vpn

i also tried with these other options (not at the same time)
route 8.8.8.8 255.255.255.255
route 8.8.8.8 255.255.255.255 192.168.29.1
route 8.8.8.8 255.255.255.255 192.168.29.2

I understand vpn fusion is a split vpn, I was wondering if somehow ignores the route command?
 

eibgrad

Very Senior Member
I understand vpn fusion is a split vpn, I was wondering if somehow ignores the route command?

Anything is possible given it's oem/stock firmware. Neither you nor I can be absolutely sure how it handles routing w/o access to the firmware. IIRC, in the case of Merlin, he specifically ignores any such route directives for the WAN when using policy based routing, and instead requires you to create a rule to bind anything to the WAN. I suppose its theoretically possible Fusion is doing the same.

What you might try doing is adding the static route outside the VPN, specifically w/ the LAN->Route page.
 

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top