I have an OpenVPN server set up on my Raspberry Pi, when I installed it the guide I followed said to add a line like: push "route 192.168.1.0 255.255.255.0" so that the server would let the client know that that network could be reached through the VPN, or so I understood.But now I'm using the Pi as a router to share a WiFi Internet connection with a computer,using the network 192.168.0.0,and so I was thinking of adding a route for that network that way, but I tried connecting before doing it and the PC can be reached without doing anything.
Doing a traceroute I saw that apparently 10.8.0.1 is the default gateway, so it can just reach it from there without a problem. So I'm wondering, what is that statement really used for? It doesn't seem to be necessary for making the client aware of the network, since all the traffic is going through the VPN anyway.
11 Answer
It is generally used to set routes to the VPN clients.
For instance, I use it to push 0.0.0.0 to one of the computers inside the VPN so all traffic is tunneled through the VPN.
In your case, it would seem that you are pushing a route to the LAN behind the VPN so you end up sending packets to the VPN tunnel endpoint to be forwarded to the LAN.
In which case, I would suggest to set the VPN using a bridged TAP device, which automatically sets the route to the internal LAN without the need for forwarding or NATing.
3
