Default gateway problem

Support requests about VPN Client Pro
Post Reply
ievgeny
Posts: 6
Joined: Sat May 18, 2019 7:31 am

Default gateway problem

Post by ievgeny » Sat May 18, 2019 10:05 am

Hi!
In my case, when a VPN connection provides only local resources from the enterprise network, the Google Play application can not install or update applications. At the same time, search in Google Play application and the Internet in the browser work normally through a local Internet connection. Redirect gateway option is disabled. This would not be a big problem for me, but some applications also do not work properly for the same reason. For example WPS Office: https://play.google.com/store/apps/deta ... office_eng
Please suggest the right direction to solve this problem.
--
Huawei P20 Lite | Android 8.0

admin
Site Admin
Posts: 494
Joined: Fri Feb 15, 2019 4:04 pm
Contact:

Re: Default gateway problem

Post by admin » Sat May 18, 2019 11:12 am

Probably this happen because the remote VPN server push the default gateway and/or some DNS servers that filter out some sites.

You can check the routes/DNS used by the running VPN in the ROUTING tab.

To ignore the pushed routes and/or DNS you can follow these steps:
  • edit the VPN profile
  • tap on "Options"
  • select "Ignore pushed routes" and/or "Ignore pushed DNS servers"

ievgeny
Posts: 6
Joined: Sat May 18, 2019 7:31 am

Re: Default gateway problem

Post by ievgeny » Sat May 18, 2019 11:39 am

Unfortunately, the "Ignore pushed routes" and "Ignore pushed DNS servers" options do not have the desired effect. I don`t have root access on my device and cannot perform a full debugging.

Server config:

Code: Select all

port 1194
proto udp
dev tap
ca easy-rsa/keys/ca.crt
cert easy-rsa/keys/server.crt
key easy-rsa/keys/server.key  # This file should be kept secret
dh easy-rsa/keys/dh2048.pem
server-bridge 10.71.10.1 255.255.255.0 10.71.10.231 10.71.10.254
duplicate-cn
keepalive 10 120
tls-auth easy-rsa/keys/ta.key 0 # This file is secret
cipher AES-128-CBC   # AES
comp-lzo
max-clients 24
persist-key
persist-tun
status /var/log/openvpn/openvpn-status.log
log-append  /var/log/openvpn/openvpn.log
verb 3
up /etc/openvpn/up.sh
down /etc/openvpn/down.sh
crl-verify easy-rsa/keys/crl.pem
Any idea?

P.S.
The routing tab contains only the address of the tunnel and the route to it.

admin
Site Admin
Posts: 494
Joined: Fri Feb 15, 2019 4:04 pm
Contact:

Re: Default gateway problem

Post by admin » Sat May 18, 2019 12:46 pm

Ok, so the routes and the DNS are correct.
Most probably these apps doesn't work because are designed to work only without the VPN, so you must exclude these apps from the VPN.
Here the steps:
  • edit the VPN
  • tap on "App filter"
  • set the "App filter mode" to "The VPN can be used by any apps, except for the following apps"
  • use the "+" button to add the problematic apps

ievgeny
Posts: 6
Joined: Sat May 18, 2019 7:31 am

Re: Default gateway problem

Post by ievgeny » Mon May 20, 2019 9:42 am

Thanks for the help!

Post Reply