OpenVPN disconnect removes active route to server IP, despite existing persistent route (On Windows) #970
Description
Describe the bug
When an OpenVPN client disconnects, persistent routes to the OpenVPN server IP remain in the routing table but the corresponding active route entry is removed. This causes the client to lose the active route to the server IP, breaking the ability to reconnect without manually refreshing the route or toggling the network interface. This behavior occurs even though the persistent route is still present, and it prevents seamless reconnection. The issue appears related to OpenVPN’s route cleanup logic on disconnect, which removes the active route to the OpenVPN Server IP that was used/added but does not restore or respect pre-existing active route to the OpenVPN Server IP.
To Reproduce (using Windows)
Configure an OpenVPN client on Windows with a persistent route to the OpenVPN server IP via a specific gateway/interface [not the default gateway].
Connect the OpenVPN client; the connection uses the persistent route correctly.
Disconnect the OpenVPN client.
Observe that the persistent route remains but the active route entry for the server IP is removed.
Attempt to reconnect; the connection fails because the active route to the server IP is missing.
Toggle the interface with a PS command (to restore the active route) Replace "Your_Interface_Name" with actual Interface Name:
Disable-NetAdapter -Name "Your_Interface_Name" -Confirm:$false; Start-Sleep -Seconds 5; Enable-NetAdapter -Name "Your_Interface_Name" -Confirm:$false
Expected behavior
On disconnect, OpenVPN should either:
Not remove the active route if a persistent route to the server IP already exists, or
Restore the active route from the persistent route after cleanup, ensuring connectivity to the server IP remains intact for reconnection.
Version information (2.7rc_6):
OS: Windows 11 (Only tested on Windows 64-bit version)
OpenVPN version: 2.7rc_6 (originally tested on 2.7rc_3, but also tested on the latest RC version)
Peer version: N/A (client-side issue)
Additional context
This issue is related to the previously reported and resolved issue #890, which addressed route management on Windows clients. However, the current behavior still causes disruption in environments where persistent routes are used to direct traffic to the OpenVPN server IP via a non-default gateway. A programmatic workaround involves toggling the network interface on disconnect to force Windows to reactivate persistent routes, but this is not ideal. A fix in OpenVPN’s route cleanup logic to respect existing persistent routes or avoid removing them unnecessarily would improve client stability and reconnection reliability.