Why isn't the service route for my VPN server correct?

For a VPN server, service routes are propagated to routing tables that have VPN server selected for the Accepts routes from attribute. These routes have names that are prefixed with ibm-vpn-server-.

In rare cases, you might find that these service routes are incorrect. For example, the Next hop is not the same as the private IP of your VPN server. In these cases, traffic is broken even if you connected to the VPN server successfully.

The VPN server service keeps monitoring the health of each VPN server. When a fault is detected, the service tries to recover the VPN server automatically. The recovery process might fail and cause inaccurate routes to remain.

Follow these steps to fix the service routes:

1. From your browser, open the IBM Cloud console and log in to your account.
2. Select the Navigation menu , then click Infrastructure > Network > Routing tables.
3. Select your VPC from the VPC drop-down menu.
4. Click the routing table to open its details page, then click Edit.
5. Clear the VPN server checkbox in the Accepts routes from (optional) section and click Save. Service routes propagated by the VPN server are removed.
6. Click Edit again.
7. Select VPN server in the Accepts routes from (optional) section and click Save. Service routes propagated by the VPN server are generated.