diff options
author | jim-p <jimp@pfsense.org> | 2012-12-13 13:50:38 -0500 |
---|---|---|
committer | jim-p <jimp@pfsense.org> | 2012-12-13 13:50:38 -0500 |
commit | 5d8e8c9d25b55c6d3260e69fcf4620f76488d173 (patch) | |
tree | 55df47cf3fc0ed06759e77a6507e815c4ce73265 /etc | |
parent | adde8405b2642172dbd8a8c724682e0d29b3d455 (diff) | |
download | pfsense-5d8e8c9d25b55c6d3260e69fcf4620f76488d173.zip pfsense-5d8e8c9d25b55c6d3260e69fcf4620f76488d173.tar.gz |
Exclude the VPN peer from routes so as to not break connectivity to the actual VPN peer if a route includes its IP.
Diffstat (limited to 'etc')
-rw-r--r-- | etc/inc/openvpn.inc | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/etc/inc/openvpn.inc b/etc/inc/openvpn.inc index c3353ef..7ffd65c 100644 --- a/etc/inc/openvpn.inc +++ b/etc/inc/openvpn.inc @@ -525,6 +525,7 @@ function openvpn_reconfigure($mode, $settings) { if ($settings['local_network']) { list($ip, $mask) = explode('/', $settings['local_network']); $mask = gen_subnet_mask($mask); + $conf .= "push \"route remote_host 255.255.255.255 net_gateway\"\n"; $conf .= "push \"route $ip $mask\"\n"; } if ($settings['local_networkv6']) { @@ -615,6 +616,7 @@ function openvpn_reconfigure($mode, $settings) { if ((substr($settings['mode'], 0, 3) == "p2p") && is_subnet($settings['remote_network'])) { list($ip, $mask) = explode('/', $settings['remote_network']); $mask = gen_subnet_mask($mask); + $conf .= "route remote_host 255.255.255.255 net_gateway\n"; $conf .= "route $ip $mask\n"; } // Add a remote network route if set, and only for p2p modes. |