I have an OpenVPN server set up at home on my local LAN. I use the OpenVPN client on iOS and Windows to connect to my VPN side LAN and also route Internet traffic through the VPN tunnel.
But sometimes I don't want the Internet traffic to route through the tunnel. So on the client I have created two OpenVPN profiles. By default, all traffic is sent to the tunnel. And to the config that I want to use for only accessing the VPN side LAN I have added this:
pull-filter ignore "redirect-gateway"
These are my configurations:
port 123
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key
dh dh2048.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist /var/log/openvpn/ipp.txt
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 192.168.55.1"
push "dhcp-option DOMAIN example.com"
keepalive 10 120
tls-auth ta.key 0 # This file is secret
cipher AES-256-CBC
persist-key
persist-tun
status /var/log/openvpn/openvpn-status.log
verb 3
explicit-exit-notify 1

client
dev tun
proto udp
remote example.com 123
resolv-retry infinite
nobind
user nobody
group nogroup
persist-key
persist-tun
remote-cert-tls server
cipher AES-256-CBC
verb 3
pull-filter ignore "redirect-gateway"
CERT AND KEYS STRIPPED...
When using the above client config I cannot access VPN side LAN or Internet via VPN. But when skipping
pull-filter ignore "redirect-gateway"
Note that when using the config that does not route Internet traffic, I also want to be able to use the VPN side LAN DNS for *.example.com domains, but client side DNS for other domains on the Internet.
Please help me out with advice here.
I could set up two different VPN servers with different push directives, but that's not an ideal solution for me.
Thanks!
//Sam
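
An added example, not part of the original post: a small Python model of how `pull-filter ignore "redirect-gateway"` changes which of the posted server's pushed options the client accepts, and whether the pushed DNS server 192.168.55.1 is then still routed through the tunnel. The function names are hypothetical, only the explicit `push` lines from the post are modelled, and the `route 192.168.55.0 255.255.255.0` push is an assumption about the home LAN subnet, which the post does not state.

```python
import ipaddress

# Explicit push lines from the server config in the post. Implicit pushes
# generated by the "server" directive are not modelled.
SERVER_PUSHES = [
    "redirect-gateway def1 bypass-dhcp",
    "dhcp-option DNS 192.168.55.1",
    "dhcp-option DOMAIN example.com",
]
TUNNEL_NET = ipaddress.ip_network("10.8.0.0/24")  # "server 10.8.0.0 255.255.255.0"

def apply_pull_filters(pushed, filters):
    """pull-filter semantics: prefix match, filters tried in order, first match wins."""
    kept = []
    for opt in pushed:
        action = next((a for a, text in filters if opt.startswith(text)), "accept")
        if action == "reject":
            raise ValueError(f"pushed option rejected: {opt}")
        if action == "accept":
            kept.append(opt)
    return kept

def tunnel_routes(options):
    """IPv4 networks the client routes into the tunnel for the accepted options."""
    nets = [TUNNEL_NET]
    for opt in options:
        parts = opt.split()
        if parts[0] == "redirect-gateway":
            # def1 installs two /1 routes instead of replacing the default route
            cidrs = ["0.0.0.0/1", "128.0.0.0/1"] if "def1" in parts else ["0.0.0.0/0"]
            nets += [ipaddress.ip_network(c) for c in cidrs]
        elif parts[0] == "route" and len(parts) >= 3:
            nets.append(ipaddress.ip_network(f"{parts[1]}/{parts[2]}"))
    return nets

def reachable_via_vpn(addr, options):
    """True if addr falls inside any network routed into the tunnel."""
    return any(ipaddress.ip_address(addr) in net for net in tunnel_routes(options))

if __name__ == "__main__":
    split_filter = [("ignore", "redirect-gateway")]
    split = apply_pull_filters(SERVER_PUSHES, split_filter)
    print("accepted:", split)
    print("LAN DNS via VPN:", reachable_via_vpn("192.168.55.1", split))
    # Assumption: the home LAN is 192.168.55.0/24 (only the DNS address is in the post).
    fixed = apply_pull_filters(SERVER_PUSHES + ["route 192.168.55.0 255.255.255.0"], split_filter)
    print("with pushed LAN route:", reachable_via_vpn("192.168.55.1", fixed))
```

In this model the split-tunnel profile keeps both `dhcp-option` pushes but loses the only route that covered 192.168.55.1, so the pushed DNS server is no longer reachable through the tunnel unless a route for the LAN is pushed or set on the client.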