The opposite of IP Exceptions?

[Umby]

I would like to add an IP to my config file that makes OpenVPN route traffic through it. I want all of my other traffic to not use the VPN, just traffic that goes to which IP I pick.

I've used the search function and had no luck, so any help is appreciated, even if you just tell me what to search for!

[maikcat]

you can use something like the following to your server config

Code: Select all

push "route 192.168.22.5 255.255.255.255"

your client will send traffic for 192.168.22.5 ip through the vpn tunnel.

Michael.

[Umby]

So first I have to tell it to not direct anything through the vpn... right?

Am I on the right track with this link?
https://community.openvpn.net/openvpn/w ... ectGateway

[maikcat]

yeap,this will do too...

Michael.

[Umby]

OK So now I am seeing that I have to create the client config file myself. I have found this sample one to do that for me.

Does it matter at which line I add the line you mentioned?

I decided to go with your method because it seems a bit more clear. I am to replace the IP you mentioned with the IP of the server I am connecting to, right?

Also if encryption slows it down at all, can I delete the line that says encryption?

Code: Select all

client
dev tap
proto udp
remote YOURHOST.dyndns.org 1194  
route 192.168.1.0 255.255.255.0 vpn_gateway 3  
resolv-retry infinite
nobind
persist-key
persist-tun
ca "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\ca.crt"
cert "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\client1.crt" 
key "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\client1.key"  
ns-cert-type server
cipher BF-CBC        # Blowfish (default) encrytion
comp-lzo
verb 1

Also, I read that teamspeak uses TCP as well as UDP, is this config OK even though it says "proto UDP"?


I thank you for your time and appreciate all of your help. I am trying to learn this as much as I can but I am having trouble so examples are helping me more than anything.

[maikcat]

OK So now I am seeing that I have to create the client config file myself. I have found this sample one to do that for me.

keep in mind that some options need to be the same on BOTH server/client configs,
also post your server config used.

Does it matter at which line I add the line you mentioned?

the push line must be added to your server config so server can push options to clients,
generally you dont have a problem with the ordering of directives,

I decided to go with your method because it seems a bit more clear. I am to replace the IP you mentioned with the IP of the server I am connecting to, right?

is the ip of the server you want to bypass the vpn tunnel.

Also if encryption slows it down at all, can I delete the line that says encryption?

negative,deleting the line simply causes openvpn to use default value,in cipher case that Blowfish cbc,
for openvpn to work you need to use the SAME cipher in both ends,
again post your server config

Also, I read that teamspeak uses TCP as well as UDP, is this config OK even though it says "proto UDP"?

teamspeak? what this have to do with openvpn anyway?
in any case openvpn works in layer2/3 meaning you encapsulating traffic for the above layers,
so in your case and if you pass teamspeak traffic over openvpn , its almost the same by using tcp or udp for teamspeak itself.

I am trying to learn this as much as I can but I am having trouble so examples are helping me more than anything.

you have a loooong way to go...

Michael.