Bypass tunneling via client config file

How to customize and extend your OpenVPN installation.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Post Reply
Griman
OpenVpn Newbie
Posts: 2
Joined: Tue Nov 26, 2019 9:15 am

Bypass tunneling via client config file

Post by Griman » Tue Nov 26, 2019 9:35 am

Hi,

I have never used VPNs before, so please forgive me if this question is stupid:

I have a free trial for an VPN provider and i want to see if it is possible to ONLY route my bittorrent traffic through the VPN, while surfing etc through my usual ISP connection. I can set my bittorrent client to use the VPN providers proxy server, but this proxy server requires me to be logged in to the vpn, too.
So my idea is to log into the VPN (via OpenVPN GUI on Windows 7) and change my config file to bypass the tunneling part. First from what i understood it wasn't possible at all, without changing the server configuration. But then i found this
https://community.openvpn.net/openvpn/w ... ectGateway
telling me to add those lines to my vpn clients config file:

Code: Select all

route 0.0.0.0 192.0.0.0 net_gateway
route 64.0.0.0 192.0.0.0 net_gateway
route 128.0.0.0 192.0.0.0 net_gateway
route 192.0.0.0 192.0.0.0 net_gateway

Now my config file looks like this

Code: Select all

# AzireVPN.com configuration generator
# Location: netherlands
# Protocol: udp
# Port: random
# DNS-leak protection: yes

client
dev tun
proto udp
remote nl1.ovpn.azirevpn.net 1194
remote nl1.ovpn.azirevpn.net 443
resolv-retry infinite
auth-user-pass
nobind
persist-key
persist-tun
remote-cert-tls server
reneg-sec 0
keepalive 10 60

block-outside-dns

mute-replay-warnings
explicit-exit-notify 3

cipher AES-256-CBC
auth SHA512
tls-version-min 1.2

route 0.0.0.0 192.0.0.0 net_gateway
route 64.0.0.0 192.0.0.0 net_gateway
route 128.0.0.0 192.0.0.0 net_gateway
route 192.0.0.0 192.0.0.0 net_gateway

(i left out the certificate/key at the end)

Theres no error with this new config file, but it doesn't change anything as far as i can tell. Whatismyip still returns the netherland IP from my VPN provider. I expected to see my real, german IP.

Any help would be greatly appreciated

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: Bypass tunneling via client config file

Post by TinCanTech » Tue Nov 26, 2019 12:43 pm

What you are trying to do is avoid redirecting your client gateway, try this instead ..

Remove this:
Griman wrote:
Tue Nov 26, 2019 9:35 am

Code: Select all

route 0.0.0.0 192.0.0.0 net_gateway
route 64.0.0.0 192.0.0.0 net_gateway
route 128.0.0.0 192.0.0.0 net_gateway
route 192.0.0.0 192.0.0.0 net_gateway
Use this:

Code: Select all

pull-filter ignore "redirect-gateway"
Then read your log to confirm what is ignored .. may require --verb 4

Griman
OpenVpn Newbie
Posts: 2
Joined: Tue Nov 26, 2019 9:15 am

Re: Bypass tunneling via client config file

Post by Griman » Tue Nov 26, 2019 7:24 pm

I tried it and still my real ip isn't shown.

I'm afraid to post my whole log file because i don't know if there's any confidential information but i see that the changes in the config file lead to different behaviour. By the way, the '--verb 4' thingy, i would have to add that to the OpenVPNGUI.exe command line, right?

This is the part of my log which has changed

Code: Select all

Tue Nov 26 20:09:17 2019 add_route_ipv6(2a0e:1c80:4:1014::/64 -> 2a0e:1c80:4:1014::1007 metric 0) dev LAN-Verbindung 4
Tue Nov 26 20:09:17 2019 IPv6 route addition via service succeeded
Tue Nov 26 20:09:17 2019 Blocking outside dns using service succeeded.
Tue Nov 26 20:09:23 2019 TEST ROUTES: 0/0 succeeded len=0 ret=1 a=0 u/d=up
Tue Nov 26 20:09:23 2019 add_route_ipv6(2000::/3 -> 2a0e:1c80:4:1014::1 metric -1) dev LAN-Verbindung 4
Tue Nov 26 20:09:23 2019 IPv6 route addition via service succeeded
2a0e:1c80:4 is the netherlands ip of the VPN Server. Lan-Verbindung 4 is my network adapter device.
There's no entry containing the word 'ignore' ..

Post Reply