Page 1 of 1

Default gateway problem

Posted: Sat May 18, 2019 10:05 am
by ievgeny
In my case, when a VPN connection provides only local resources from the enterprise network, the Google Play application can not install or update applications. At the same time, search in Google Play application and the Internet in the browser work normally through a local Internet connection. Redirect gateway option is disabled. This would not be a big problem for me, but some applications also do not work properly for the same reason. For example WPS Office: ... office_eng
Please suggest the right direction to solve this problem.
Huawei P20 Lite | Android 8.0

Re: Default gateway problem

Posted: Sat May 18, 2019 11:12 am
by admin
Probably this happen because the remote VPN server push the default gateway and/or some DNS servers that filter out some sites.

You can check the routes/DNS used by the running VPN in the ROUTING tab.

To ignore the pushed routes and/or DNS you can follow these steps:
  • edit the VPN profile
  • tap on "Options"
  • select "Ignore pushed routes" and/or "Ignore pushed DNS servers"

Re: Default gateway problem

Posted: Sat May 18, 2019 11:39 am
by ievgeny
Unfortunately, the "Ignore pushed routes" and "Ignore pushed DNS servers" options do not have the desired effect. I don`t have root access on my device and cannot perform a full debugging.

Server config:

Code: Select all

port 1194
proto udp
dev tap
ca easy-rsa/keys/ca.crt
cert easy-rsa/keys/server.crt
key easy-rsa/keys/server.key  # This file should be kept secret
dh easy-rsa/keys/dh2048.pem
keepalive 10 120
tls-auth easy-rsa/keys/ta.key 0 # This file is secret
cipher AES-128-CBC   # AES
max-clients 24
status /var/log/openvpn/openvpn-status.log
log-append  /var/log/openvpn/openvpn.log
verb 3
up /etc/openvpn/
down /etc/openvpn/
crl-verify easy-rsa/keys/crl.pem
Any idea?

The routing tab contains only the address of the tunnel and the route to it.

Re: Default gateway problem

Posted: Sat May 18, 2019 12:46 pm
by admin
Ok, so the routes and the DNS are correct.
Most probably these apps doesn't work because are designed to work only without the VPN, so you must exclude these apps from the VPN.
Here the steps:
  • edit the VPN
  • tap on "App filter"
  • set the "App filter mode" to "The VPN can be used by any apps, except for the following apps"
  • use the "+" button to add the problematic apps

Re: Default gateway problem

Posted: Mon May 20, 2019 9:42 am
by ievgeny
Thanks for the help!