Skip to content
Route all traffic *except*...
Got a problem with Viscosity or need help? Ask here!
Hi,
Brilliant software, thanks for making it so easy. Just one question...
My situation is that I'm behind a restrictive firewall at work, and I'm trying to get "proper" Internet access. I've installed and configured OpenVPN on a server I have on the public Internet and successfully tested the VPN at home. (The only wrinkle will be the proxy server at work, but I'll tackle that tomorrow.)
My question is how to get it to route everything to the VPN except private networks. The server is sending
I might run into DNS issues as well - but I'm thinking that if the DNS servers given to me by my physical connection's DHCP server are in the private network space, and those IPs are routed locally, it should be fine. The OpenVPN server isn't pushing out any DNS stuff.
Many thanks.
Brilliant software, thanks for making it so easy. Just one question...
My situation is that I'm behind a restrictive firewall at work, and I'm trying to get "proper" Internet access. I've installed and configured OpenVPN on a server I have on the public Internet and successfully tested the VPN at home. (The only wrinkle will be the proxy server at work, but I'll tackle that tomorrow.)
My question is how to get it to route everything to the VPN except private networks. The server is sending
Code: Select all
, and that's working fine - all my traffic gets sent to the tunnel. Problem is, I want the standard 192.168.x.x and the 10.x.x.x networks to be routed locally, not through the VPN. I tried mucking about with the "Networking" panel, but I buggered up something pretty badly and I'm a bit hesitant to try again.push "redirect-gateway def1 bypass-dhcp"
I might run into DNS issues as well - but I'm thinking that if the DNS servers given to me by my physical connection's DHCP server are in the private network space, and those IPs are routed locally, it should be fine. The OpenVPN server isn't pushing out any DNS stuff.
Many thanks.
Hi jurgen,
1. Go to the Viscosity menu, select Preferences, and Edit your connection
2. Click on the networking tab
3. Click the small "+" button in the Routing section to add a new route
4. Enter a Route/IP of "192.168.0.0" (no quotes). Enter a submask of "255.255.0.0". Enter a gateway of "net_gateway". Click the Add button.
5. Repeat steps 3 and 4, expect with a Route/IP of "10.0.0.0", and a submask of "255.0.0.0"
6. Click the Save button and try connecting.
The "net_gateway" command instructs the traffic to be routed through your normal local gateway rather than through the VPN connection.
Cheers,
James
Problem is, I want the standard 192.168.x.x and the 10.x.x.x networks to be routed locally, not through the VPN.Try the following:
1. Go to the Viscosity menu, select Preferences, and Edit your connection
2. Click on the networking tab
3. Click the small "+" button in the Routing section to add a new route
4. Enter a Route/IP of "192.168.0.0" (no quotes). Enter a submask of "255.255.0.0". Enter a gateway of "net_gateway". Click the Add button.
5. Repeat steps 3 and 4, expect with a Route/IP of "10.0.0.0", and a submask of "255.0.0.0"
6. Click the Save button and try connecting.
The "net_gateway" command instructs the traffic to be routed through your normal local gateway rather than through the VPN connection.
Cheers,
James
Web: https://www.sparklabs.com
Support: https://www.sparklabs.com/support
Twitter: https://twitter.com/sparklabs
Support: https://www.sparklabs.com/support
Twitter: https://twitter.com/sparklabs
Hi AlexK,
Cheers,
James
Is it possible to tell OpenVPN to just use it for say ports 80 and 25 or for everything except ports say 443 and 8080?I'm afraid not, as the OS's routing table does not take port numbers into account. If you really need to just redirect specific ports you could try playing with something like SSH port forwarding/tunnelling to get certain traffic to go through the VPN. It might be possible to achieve a similar effect with iptables. However unfortunately there is no simple or direct way to achieve "port routing".
Cheers,
James
Web: https://www.sparklabs.com
Support: https://www.sparklabs.com/support
Twitter: https://twitter.com/sparklabs
Support: https://www.sparklabs.com/support
Twitter: https://twitter.com/sparklabs
8 posts
Page 1 of 1