OpenVPN has a default that is not suitable for me. It does the below.....only I do not need the 0.0.0.0/1 and 128.0.0.0/1. I only need the last entry for the endpoint but doing 'pull-filter ignore "redirect gateway"' makes it not do any of the below...so how can I omit the default GW but still get the Endpoint route for the default gw on the firewall?
The additional routes are the result of the redirect-gateay option.
This adds 3 routes, the first two together span the whole internet and redirect into the tunnel:
dest 0.0.0.0 mask 128.0.0.0 gw 10.100.100.5
dest 128.0.0.0 mask 128.0.0.0 gw 10.100.100.5
These provide a "better" routing match than the default gateway (with a mask of zero) for all internet addresses.
The 3rd redirects the real VPN endpoint IP address to use the original gateway, and will be used for the encrypted VPN packets:
dest 185.118.18.66 mask 255.255.255.255 gw 192.168.20.254