Default gateway randomly switches from WAN to a VPN client. What’s the fix?
What’s your default Gateway set to?
If you’re using just one WAN I would go into the WAN Gateway config and disable all the monitoring parts.
System > Routing > Gateways
There are a few different settings that each correct the gateway changing when the gateway IP is showing down. (You only need to do one of the four.)
Gateway settings (edit the WAN gateway):
- Set the gateway IP address to something reachable so the gateway does not show as down
- Check the Disable Gateway Monitoring checkbox
- Check the Disable Gateway Monitoring action checkbox.
System settings:
- Manually select the Default gateway instead of Automatic.
On the VPN client settings page check the boxes for Don’t pull routes, and Don’t add/remove routes.
Seems you have included the VPN as a member of a group.
You shouldn’t include the VPN client as a member of your gateway group.
I also read that you only have one WAN interface.
If that’s the case, you shouldn’t have any gateway groups.
Periodically, my default gateway switches from the WAN GW to my VPN client gateway. The OpenVPN client is configured to not add or remove routes automatically, and rules are in place for specific subnets to route through the VPN gateway, and nothing else. I have not been able to resolve the issue, so rebooting has been my ‘quick fix,’ but I need to fix the root of the problem. Any ideas?
Set the gateway manually in your outbound fw rule.
My default gateway is the WAN_DHCP GW, and I only have one physical WAN connection. However, the default got relocated to the VPN.
I just disabled the GW monitoring for the WAN. Hopefully that does the trick…
I looked earlier and those options are checked.
I have a gateway group for 3x VPN clients for HA. That gateway group excludes the WAN and is only applied to certain subnets. It should have no impact on the issue at hand.