Split tunnel tweaks?

How to customize and extend your OpenVPN installation.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Post Reply
bubble1975
OpenVpn Newbie
Posts: 3
Joined: Tue Oct 05, 2010 8:34 am

Split tunnel tweaks?

Post by bubble1975 » Tue Oct 05, 2010 8:38 am

Heya,

So, I have a cool little openvpn server, works great. I have all client traffic being routed through the VPN server, so no split tunneling enabled. But, on a couple client hosts, I'm finding the need to have one type of traffic (to one network specifically) NOT go through the VPN. Does anyone know if there is a way *on the client side* to add a route to a network such that it will not go through the VPN, but all other traffic to all other networks goes through the VPN?

Thanks for any advice!!

User avatar
krzee
Forum Team
Posts: 728
Joined: Fri Aug 29, 2008 5:42 pm

Re: Split tunnel tweaks?

Post by krzee » Tue Oct 05, 2010 8:44 am

viewtopic.php?f=12&t=7065
he came in the IRC channel, figured it out, and i asked him to post there because i KNEW it would help someone later :D

bubble1975
OpenVpn Newbie
Posts: 3
Joined: Tue Oct 05, 2010 8:34 am

Re: Split tunnel tweaks?

Post by bubble1975 » Tue Oct 05, 2010 8:59 am

Thanks! I think I'm closer but still no dice... I added this to my client.conf (under linux):

push "route 155.98.10.0 255.255.252.0 155.98.50.1"
push "redirect-gateway def1"

but it still doesn't seem to work... Forgive my ignorance here... ;) I don't see a 'route add' command in the logs for that network when the client fires up. Maybe I'm getting the syntax wrong?

Thanks again!

User avatar
krzee
Forum Team
Posts: 728
Joined: Fri Aug 29, 2008 5:42 pm

Re: Split tunnel tweaks?

Post by krzee » Tue Oct 05, 2010 9:08 am

he added those to his SERVER
you can not push from client to server
your server already pushes redirect-gateway to you
just use this:
route 155.98.10.0 255.255.252.0 net_gateway
in your client config

note, net_gateway is a variable accepted by openvpn, do not replace it with an IP

bubble1975
OpenVpn Newbie
Posts: 3
Joined: Tue Oct 05, 2010 8:34 am

Re: Split tunnel tweaks?

Post by bubble1975 » Tue Oct 05, 2010 9:45 am

Gravy! That did the trick! Thanks so much.

Zollie69
OpenVpn Newbie
Posts: 1
Joined: Thu Dec 22, 2011 11:46 am

Re: Split tunnel tweaks?

Post by Zollie69 » Thu Dec 22, 2011 11:50 am

I have a local server running Small Business Server 2008 that has a bunch of data on it.

I have a server running Windows Server 2008 R2 that is hosted out on the internet (Rackspace).

I need to securely copy some data from the SBS server to the Rackspace server. My first thought was that since VPN is already configured on the SBS server, I would just set up a connection from the Rackspace server to the SBS server and copy the files I need that way. However when I establish the VPN connection I lose RDP access to the Rackspace server. I believe what I need to do is allow split tunneling, is that right? Can anyone point me in the right direction on either how to do that, or give me another suggestion on how to securely copy the files between servers? I am not opposed to loading (free) software on either server for this purpose but I can't buy anything just for this purpose.

User avatar
Mimiko
Forum Team
Posts: 1564
Joined: Wed Sep 22, 2010 3:18 am

Re: Split tunnel tweaks?

Post by Mimiko » Sun Dec 25, 2011 11:04 am

Just reconnect to the server with RDP using its VPN ip.

ZatTheGreat
OpenVpn Newbie
Posts: 9
Joined: Fri Nov 14, 2014 7:31 pm

Re: Split tunnel tweaks?

Post by ZatTheGreat » Thu Mar 12, 2015 9:41 am

Hi guys! I was wondering if I can use this to redirect some traffic (specific programs) with a proxy.

if I use the route-nopull to not pass all trafic to the tunnel and the route <proxyip> net_gateway to get my proxy to use the tunnel.

would this work or do you guys know a better way?

thanks for all help.

Post Reply