When I run `sudo openvpn foo.conf`, I do not yet have a default gateway defined.
Once the connection is established, I run `sudo ip route add default via X.X.X.X`, where X.X.X.X is the local IP of the newly created tun interface.
That works perfectly fine.
To avoid the manual step, I would like OpenVPN to do this for me. So I add `route default` to the configuration.
This fails with: NOTE: unable to redirect default gateway -- Cannot read current default gateway from system
Why does it want a current default gateway when I would replace it anyway? How can I have OpenVPN add the default gateway correctly (without using external scripts)?
The best practice with OpenVPN is to add two routes (`0.0.0.0/1` and `128.0.0.0/1`) to avoid replacing the original default route. For this you can use the route options in the OpenVPN client configuration file:
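Added example, not part of the question or the answer above: a small longest-prefix-match model showing why the two /1 routes capture all traffic while the original default route stays in place, and which more-specific routes still bypass the tunnel. The interface names (`tun0`, `eth0`) and every address in the table are constructed sample values.

```python
import ipaddress

# Constructed routing table (sample values, not taken from the page).
# Each entry: (destination prefix, outgoing interface).
ROUTES_WITH_VPN = [
    ("0.0.0.0/1", "tun0"),        # lower half of the IPv4 space via the tunnel
    ("128.0.0.0/1", "tun0"),      # upper half of the IPv4 space via the tunnel
    ("0.0.0.0/0", "eth0"),        # original default route, left untouched
    ("192.168.1.0/24", "eth0"),   # local LAN
    ("203.0.113.10/32", "eth0"),  # host route to the VPN server itself
]


def lookup(routes, dest):
    """Return the interface chosen by longest-prefix match, or None."""
    addr = ipaddress.ip_address(dest)
    best = None
    for prefix, iface in routes:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, iface)
    return best[1] if best else None


def covers_all_ipv4(routes, iface):
    """True if the prefixes bound to iface together span 0.0.0.0/0."""
    nets = [ipaddress.ip_network(p) for p, i in routes if i == iface]
    merged = list(ipaddress.collapse_addresses(nets))
    return merged == [ipaddress.ip_network("0.0.0.0/0")]


def bypasses(routes, tunnel):
    """Prefixes more specific than /1 that leave via another interface."""
    return [p for p, i in routes
            if i != tunnel and ipaddress.ip_network(p).prefixlen > 1]


if __name__ == "__main__":
    for dest in ("8.8.8.8", "198.51.100.7", "192.168.1.20", "203.0.113.10"):
        print(dest, "->", lookup(ROUTES_WITH_VPN, dest))
    print("tunnel covers all IPv4:", covers_all_ipv4(ROUTES_WITH_VPN, "tun0"))
    print("routes that bypass the tunnel:", bypasses(ROUTES_WITH_VPN, "tun0"))
```

The same check is useful when auditing a client for traffic that leaves outside the tunnel: any prefix longer than /1 on a non-tunnel interface wins over the two /1 routes.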