Hi all.
It seems to me there is an issue.
Let’s assume that server public IP is 1.2.3.4.
If I create a new server with a 0.0.0.0/0 route - then a client with a default gateway will set up a new route 1.2.3.4/32 after connection - and everything works fine.
But if I remove the 0.0.0.0/0 route and add 1.2.3.0/24, for example, then the client does not set up a route for 1.2.3.4/32 - and the VPN does not work after connection.
I checked it twice.
Looking forward to hearing from you!
The public IP of the Pritunl server must be excluded from the VPN routes. This is done automatically but if it is specifically included with a /32 it will break the connection.
Yes.
I mean if the server has route 0.0.0.0/0 then the client excludes the server address from the VPN routes by adding a 1.2.3.4/32 route through eth0.
But if the server has other routes (1.2.3.0/24 for example) and the server public address is inside this network - then the client does NOT exclude the server address from the VPN routes by adding a 1.2.3.4/32 route through eth0.
I think anything other than 0.0.0.0/0 would need to not include the server public IP. It’s possible 0.0.0.0/1 and 128.0.0.0/1 would work but other subnets should not include the server IP. With an enterprise subscription the server /32 IP could be added with the net gateway option.
We faced the situation where the server’s IP is inside the network to route (and the network is not 0.0.0.0/0).
After some research we had to configure routes by splitting the network into a bunch of networks excluding one single pritunl_server_ip/32. And it works.
That’s why I started this topic.
I only wanted to inform about this client behaviour.
Thanks.
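
The splitting workaround described in the last post, as an added example that is not part of the original thread and not Pritunl's own code: it computes the smallest set of CIDR routes that covers a network while leaving out the server's single /32, using the thread's 1.2.3.0/24 and 1.2.3.4 as sample values. The function names are hypothetical; the resulting routes would be entered on the server in place of the original network.

```python
import ipaddress


def routes_excluding_server(network, server_ip):
    """Return CIDR routes covering `network` minus the single server address.

    If the server address is not inside the network, the network is returned
    unchanged, since no split is needed in that case.
    """
    net = ipaddress.ip_network(network, strict=True)
    host = ipaddress.ip_network(server_ip)  # a bare address becomes /32 (or /128)
    if host.version != net.version or not host.subnet_of(net):
        return [str(net)]
    # address_exclude() yields the minimal list of subnets of `net`
    # that together contain every address except those in `host`.
    return [str(n) for n in sorted(net.address_exclude(host))]


def covers_all_but_server(routes, network, server_ip):
    """Check that the routes stay inside `network`, skip the server IP,
    and account for every other address exactly once."""
    net = ipaddress.ip_network(network)
    addr = ipaddress.ip_address(server_ip)
    parsed = [ipaddress.ip_network(r) for r in routes]
    inside = all(p.subnet_of(net) for p in parsed)
    server_free = not any(addr in p for p in parsed)
    total = sum(p.num_addresses for p in parsed)
    return inside and server_free and total == net.num_addresses - 1


if __name__ == "__main__":
    # Sample values taken from the thread: server 1.2.3.4, routed network 1.2.3.0/24.
    routes = routes_excluding_server("1.2.3.0/24", "1.2.3.4")
    for r in routes:
        print(r)
    print("valid:", covers_all_but_server(routes, "1.2.3.0/24", "1.2.3.4"))
```
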