Community discussions

MikroTik App
Topic Author
Posts: 44
Joined: Thu Jul 23, 2015 3:47 pm

Openvpn client add wrong route

Mon Aug 21, 2017 4:04 pm

This is a site-to-site configuration, I've got this running for a year without issue, this morning I've upgraded, and seems that a route is automatically added.
With that route not traffic between clients is possible.

Pfesense 2.4.1 as openvpn server
RouterOs 6.40.1 as openvpn client

/ppp> profile print
2   name="ovpn" local-address= remote-address= 
     use-mpls=default use-compression=default use-encryption=default 
/interface ovpn-client print
Flags: X - disabled, R - running 
 0  R name="ovpn-out1"  max-mtu=1500 
      connect-to=myserver port=1194 mode=ip user="any" password="" 
      profile=ovpn certificate=User_Certificate.crt_0 auth=sha1 
      cipher=blowfish128 add-default-route=no 

/ip route print
Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme, B - blackhole, U - unreachable, P - prohibit 
 #      DST-ADDRESS        PREF-SRC        GATEWAY            DISTANCE
1   S                               1
2  ADS                       1
3   S                      TBovpn-out1               1
4 ADC       TBovpn-out1               0
if I manually remove the **2 ADS 1** route everything works fine.

With previous versions I've never noticed this issue.
Is there a way to say to mikrotik to not add this route or automatically remove it?
Thanks, BR
User avatar
MikroTik Support
MikroTik Support
Posts: 668
Joined: Thu Dec 11, 2014 8:53 am

Re: Openvpn client add wrong route

Mon Aug 21, 2017 4:29 pm

Please re-establish the VPN (by disabling and enabling), generate supout.rif and send it to
Topic Author
Posts: 44
Joined: Thu Jul 23, 2015 3:47 pm

Re: Openvpn client add wrong route

Tue Aug 22, 2017 2:24 pm

I've submitted the support file, I share the reply for the ones who got this problem:

Thank you very much for the report. The server is not providing IP configuration (ifconfig) to the client, so IP address from PPP profile is used. Unfortunately, there is a bug that "network" field is not taken from PPP "remote-address" field. We will try to fix this issue as soon as possible. As a workaround, please configure your server to distribute IP address to the client.

Best regards,

just joined
Posts: 1
Joined: Fri Nov 24, 2017 3:48 pm

Re: Openvpn client add wrong route

Fri Nov 24, 2017 4:24 pm

Thanks for sharing!

I did try some custom options, but this one is the only one I've got working -> push "ifconfig"

It seems to work fine for now.
 #      DST-ADDRESS        PREF-SRC        GATEWAY            DISTANCE
 0 ADS                               1
 1 ADS                              1
 2 ADS                              1
 3 ADS                              1
 4 ADC     br-vlan10                 0
 5 ADC     br-vlan4                  0
 6 ADC     br-mgmt                   0
 7 ADC   br-vlan3                  0
 8 ADC    ether1                    0
 9 ADC         OVPN                      0
Frequent Visitor
Frequent Visitor
Posts: 90
Joined: Fri Dec 09, 2016 8:10 pm

Re: Openvpn client add wrong route

Mon Feb 12, 2018 8:13 am

Yes seems that the bug is still not solved.RouterOS is so buggy!
just joined
Posts: 11
Joined: Sun May 03, 2009 1:10 am

Re: Openvpn client add wrong route

Thu Mar 22, 2018 3:00 am

Im having a issue with ovpn as well, when the client connects its getting a /24 address range instead of a /31, it seem to be a issue only on v6.40.3 and above
You do not have the required permissions to view the files attached to this post.

Who is online

Users browsing this forum: cyon, DanMos79, Google [Bot], mmarzantowicz and 245 guests