RUT142 - OpenVPN client mode / redirect-gateway

Networking Solutions
1

Firmware Version 00.07.18.3

I manually created an initial OpenVPN client configuration which works fine.

As I wanted to redirect all traffic through the OpenVPN tun interface and avoid routing LAN traffic through WAN and Wifi client interface, I exported the manual configuration to a .ovpn file and editet it by appending the following line:

redirect-gateway def1

at the end of the parameter list just before the certificates section (see .zip content).

I disabled the intial OpenVPN configuration and created a new one by uploading the edited .ovpn file. When enabling the new configuration the log contained the following error:

542 Tue Nov 25 13:52:33 2025 daemon.err openvpn(inst2)[7175]: ERROR: Endtag missing
543 Tue Nov 25 13:52:33 2025 daemon.notice openvpn(inst2)[7175]: Exiting due to fatal error

Checking the uploaded .ovpn file it turned out that terminates the
-----END CERTIFICATE----- line without trailing linefeed.

After manual insertion of the missing linefeed and re-upload into a new configuration everything works fine including the intended routing through the tun interface.

Please could you check and comment the following:

  1. consider offering the redirect-gateway def1 option via Web GUI so that it can be activated in manual configurations?

  2. is the erroneous behaviour on a missing linefeed before the tag intended?

  3. in the created export file the linefeed had already been missing.

    OpenVPN_251124_redirect-gateway-a.zip (492 Bytes)

3

Greetings,

You can add the redirect-gateway def1 option in the Extra options field under Advanced settings, as shown in the image.

image
image754×611 30 KB

I wasn’t able to reproduce the missing linefeed issue on a RUT142 running the same firmware. It’s possible that the text editor you’re using to open the file is altering the formatting. Could you try exporting the file and uploading it again without opening it first to see if the issue still occurs?

Best Regards,
Justinas

4

Thanks for the hint regarding redirect-gateway, seems to work fine and does what it should.

I again downloaded the .ovpn configuration and formatting was fine - so this most probably was my fault when handling the editor. Obviously no problem in RutOS.

After manually removing the trailing linefeed before [/ca] tag the corrupt .ovpn file uploads without complaint but enabling the configuration leads to the known error. RutOS obviously does not touch this file as after re-downloading it is identical with the corrupt upload. So it would be helpful if RutOS would complain already on upload about misformed .ovpn files.

Kind regards,
Diether

5

Greetings,

I have relayed your suggestion to our research and development department, once I receive feedback from them, I will get back to you.

Best Regards,
Justinas