OpenVPN config to allow client to access local network

[neufuse Veteran]

I am trying to get my one Raspberry PI to connect to an OpenVPN server but still allow it to talk to my local lan subnet 192.168.0.1/16 so I can SSH into it but all other traffic goes out the VPN (Split Tunneling?)

 

I tried to add 

 

route-nopull
route 192.168.0.1 255.255.0.0

 

into my ovpn config file all I get back is an error

 

  Quote

Options error: option 'route' cannot be used in this context

Expand  

and I lose connection to my SSH session

 

does anyone know the correct way to allow traffic from a OpenVPN client to the local network?

[+BudMan MVC]

  On 24/09/2021 at 19:13, neufuse said:

192.168.0.1/16

Expand  

That is not a network, that is a host address.  And that would not be how you would do it on the client side even if network was correct.. You would need the gateway to use.

 

So I take it this pi is on the 192.168.0.0/.16 network?  With an address of 192.168.0.1?  And you want to talk to say 192.168.0.2 but route all other traffic out the vpn connection? Why would you use up all of the rfc1918 192.168 space via 1 network for starters.

 

Your pi being on any network normally wouldn't route traffic that local out the vpn.  Do you have other networks in the 192.168/16 space locally that your trying to get to?  Maybe a drawing of your network, and some details of exactly what your trying to accomplish would help.

 

If you use the route-nopull in your client, you would not be sending anything to the vpn unless you route traffic specifically to it.

 

What is the normal client config, server config your connecting to.. Do you have this - or is this some vpn service?

 

Normally if the vpn is setup correctly.. The client will route internet out the vpn, but any local networks would still be accessible be it on the local same network as the client.. If your server is using redirect-gateway, and you need to get to some local network.. For example in my case 192.168.3/24 is another network local.. While My server send internet traffic out the vpn, my local 192.168.9/24 traffic is local.. But can not get to 192.168.3/24

 

 

So just add the local route to my client config.

route 192.168.3.0 255.255.255.0 net_gateway

 

Now when connected to vpn, I can get to internet via vpn, my local network directly attached to 192.168.9/24 and also the other local network that my local router routes.