-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Hi,
Sent with Proton Mail secure email. ------- Original Message ------- On Thursday, September 22nd, 2022 at 15:06, Sebastian Arcus <s.ar...@open-t.co.uk> wrote: > I use openvpn on laptops to access the vpn server and the network behind > it. When the laptops are connected directly to the vpn server home > network, to stop traffic going through the vpn, for years I've used > successfully the route metric directive: > > push "route-metric 500" > > The 500 metric is supposed to be higher than wired connections, so the > wired connection was preferred when connected to the openvpn server home > lan, instead of the vpn connection. > > This doesn't seem to work properly with Windows 10 any more. Although > the route metric does get set correctly on Windows 10, it seems to just > ignore it and route all traffic > "route all traffic" is obviously used out of context here, see below: > Does anyone know if Windows 10 now behaves differently with regards to > route metric? Is there a new recommended way to deal with this issue? > More details below of my setup: > > Server: openvpn 2.5.7, Linux Slackware > Client: openvpn 2.5.7, Windows 10 > OpenVPN server lan subnet: 192.168.112.0/24 > OpenVPN subnet: 192.168.114.0/24 > > > server.conf > > proto udp > port 1194 > dev tun > server 192.168.114.0 255.255.255.0 > push "route 192.168.112.0 255.255.255.0" > push "dhcp-option DNS 192.168.112.1" > push "dhcp-option WINS 192.168.112.1" > push "route-metric 500" > ca "ca.crt" > cert "server.crt" > key "server.key" > tls-auth "ta.key" 0 > dh "dh.pem" > > > > client.conf > > client > windows-driver wintun > proto udp > remote vpn.remote.address > port 1194 > resolv-retry infinite > ping-restart 10 > persist-key > persist-tun > key-direction 1 > remote-cert-tls server > ca "ca.crt" > cert "client.crt" > key "client.key" > tls-auth "ta.key" 1 > remote-cert-tls server > > > No where is "route all traffic" set by either side. For clarity. > > > _______________________________________________ > Openvpn-users mailing list > Openvpn-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/openvpn-users -----BEGIN PGP SIGNATURE----- Version: ProtonMail wsBzBAEBCAAGBQJjLKiCACEJEE+XnPZrkLidFiEECbw9RGejjXJ5xVVVT5ec 9muQuJ0L7ggAqSZPe0r+Px/Rngvixgx2L82qqb4csJzGhH2Je/xZvkQODIwJ vVDytYSJrozR/FkLtuAB4wkWzZumhkm0vvjbJ+RqZHsQAV/AZ1BcTh0qiJEX cHc6I6ajaB8k8rsmhSKM1fbHzpX1urOSDIW5lQ1a9ePJv3oxMqmjV2sU8C/F Ywa0i2kyIw4//2W7cJSvwjlyhuPzQ1cfxND78czbejegx7cjRe4LaQA6Dq+k rb065mvt8Mjzj9+16APGuEebwjvDT2W9dvVa5QEg5P8vdzFv8tH6GXJo6ZhK bEJwZ+TWLuGYVXn0W5d9nb8Z0W3nwsVt3kLsgxv33fV7sLag5urFhA== =lkIC -----END PGP SIGNATURE-----
publickey - tincantech@protonmail.com - 0x09BC3D44.asc
Description: application/pgp-keys
publickey - tincantech@protonmail.com - 0x09BC3D44.asc.sig
Description: PGP signature
_______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users