Community discussions

MikroTik App
 
atakacs
Member Candidate
Member Candidate
Topic Author
Posts: 121
Joined: Mon Mar 07, 2016 5:39 pm

OVPN site-to-site return route ?

Wed Jun 09, 2021 1:45 am

Hello

I have a setup with a site to site OpenVPN tunnels which require static routing (ie to subnets “behind” the Ovpn).

On the client side I am using the parameter routes on the /ppp secret row, where I can specify a destination gateway. This works fine to route from the client subnet(s) to the server one. But I need the return routes too, ie from the server subnet to the client. How do I configure those ?
Last edited by atakacs on Wed Jun 09, 2021 12:35 pm, edited 1 time in total.
 
User avatar
loloski
Member Candidate
Member Candidate
Posts: 277
Joined: Mon Mar 15, 2021 9:10 pm

Re: OVPN site-to-site return route ?

Wed Jun 09, 2021 2:15 am

Hi,
Normally it's done using push-route x.x.x.x/x in order to push route to the client Routing Table, but openvpn implementation of MT doesn't support this
 
atakacs
Member Candidate
Member Candidate
Topic Author
Posts: 121
Joined: Mon Mar 07, 2016 5:39 pm

Re: OVPN site-to-site return route ?

Wed Jun 09, 2021 12:36 pm

hmm so what choices do I have ?
write a script that add those routes ?
 
tdw
Forum Guru
Forum Guru
Posts: 1841
Joined: Sat May 05, 2018 11:55 am

Re: OVPN site-to-site return route ?

Wed Jun 09, 2021 1:36 pm

You can include them in the .ovpn configuration, e.g. route 192.168.99.0 255.255.255.0 vpn_gateway

If it is a contiguous block of addresses, of which the VPN tunnel is part, you can use the netmask= parameter in the Mikrotik OpenVPN sever settings.
 
atakacs
Member Candidate
Member Candidate
Topic Author
Posts: 121
Joined: Mon Mar 07, 2016 5:39 pm

Re: OVPN site-to-site return route ?

Fri Jun 11, 2021 12:04 am

You can include them in the .ovpn configuration, e.g. route 192.168.99.0 255.255.255.0 vpn_gateway
This is mikrotik to mikrotik - are there ovpn config files involved (I only ibnteract with the Winbox GUI or CLI) ?
 
tdw
Forum Guru
Forum Guru
Posts: 1841
Joined: Sat May 05, 2018 11:55 am

Re: OVPN site-to-site return route ?

Fri Jun 11, 2021 12:10 am

No, Mikrotiks do not use .ovpn so either the server netmask, or add static routes on the client Mikrotik via the ovpn interface
 
atakacs
Member Candidate
Member Candidate
Topic Author
Posts: 121
Joined: Mon Mar 07, 2016 5:39 pm

Re: OVPN site-to-site return route ?

Fri Jun 11, 2021 12:33 am

Might be a little thick but can i push return routes on the OVPN server from the client ?! I so how ?

Who is online

Users browsing this forum: ItchyAnkle, menyarito and 89 guests