ER7206 with OC200 - OpenVPN split tunnel mode in Controller mode ignoring Policy Routing

ER7206 with OC200 - OpenVPN split tunnel mode in Controller mode ignoring Policy Routing

ER7206 with OC200 - OpenVPN split tunnel mode in Controller mode ignoring Policy Routing
ER7206 with OC200 - OpenVPN split tunnel mode in Controller mode ignoring Policy Routing
22 hours ago
Model: ER7206 (TL-ER7206)  
Hardware Version: V2
Firmware Version: 2.2.3 Build 20250723 REL.05551

Hi,

 

We are using a ER7206 as OpenVPN server.
The ER7206 is in controller mode with a OC200 controller

We use the VPN to make it possible to work from Home and reach IP-restricted servers (the servers are restricted on our office IP-address) .

We have tried multiple settings we've found by Googling but can't get it to work with routing (policy's).
And the subnets for OpenVPN server Subnets are limited to 5.

 

- We run on multiple locations on-premise servers. which are only reachable due a whitelisted IP.
- The servers are running not on the same subnets.

- We don't want to use the full-tunnel mode, because only the traffic to the listed IP's should run trough the VPN.

- We don't want to use different OpenVPN setting files (because it will get hard to manage more then 10 different VPN files for multiple employees).

 

And updating the ovpn file for each time a new server or subnet is added isn't an option to because all employees also needs to be aware there is a new OVPN file available.

 

We would like to manage this connections that needs to be routed trough the VPN in our Omada Dashboard.


We have found that "Policy Routing" should be working for this, but after setting up everything we discoverd that is it only working in standalone mode and not in Controller mode (that we use).
Why it is not working in Controller mode (The controller adds a lot of extra features but this important feature it is dropping).

Cameras: Tapo C100 | Tapo C200 | Tapo C310 | Tapo C320WS SmartPlugs: Tapo P100 | Tapo P115 LightBulbs: Tapo L530E | Tapo L630 Gateway: ER605 | ER7206 EAP: EAP225 | EAP772
  0      
  0      
#1
Options