Host exceptions in client config to bypass VPN

How to customize and extend your OpenVPN installation.

Moderators: TinCanTech

volher
OpenVpn Newbie
Posts: 5
Joined: Mon Sep 29, 2014 4:17 pm

Host exceptions in client config to bypass VPN

Post by volher » Mon Sep 29, 2014 5:37 pm

Hi there,

I am using a VPN provider which blocks sending emails via the VPN connection. Therefore, I would like to directly contact my email server, thereby bypassing openvpn.

Is it possible to add a list of a few exempted servers in the config file? What is the command syntax, if there is any?

Thanks
Last edited by debbie10t on Tue Oct 21, 2014 12:01 pm, edited 1 time in total.
Reason: Title clarity

Traffic
OpenVPN Protagonist
Posts: 4066
Joined: Sat Aug 09, 2014 11:24 am

Re: Host exceptions in client config to bypass VPN

Post by Traffic » Tue Oct 21, 2014 12:05 pm

To have a certain host address bypass your VPN add this to the client config:

Code:

route host-ip-address-A 255.255.255.255 local-real-ip-address-B
Where:
  • host-ip-address-A: is the ip address of the host you want to contact directly
  • local-real-ip-address-B: is the real IP address of your computer (not the VPN address)

volher
OpenVpn Newbie
Posts: 5
Joined: Mon Sep 29, 2014 4:17 pm

Re: Host exceptions in client config to bypass VPN

Post by volher » Tue Oct 21, 2014 7:31 pm

Ok, thank you very much, will try!

volher
OpenVpn Newbie
Posts: 5
Joined: Mon Sep 29, 2014 4:17 pm

Re: Host exceptions in client config to bypass VPN

Post by volher » Wed Oct 22, 2014 5:59 am

Well, unfortunately

route mail.gmx.net 255.255.255.255 192.168.110.20

does not work.

Traffic
OpenVPN Protagonist
Posts: 4066
Joined: Sat Aug 09, 2014 11:24 am

Re: Host exceptions in client config to bypass VPN

Post by Traffic » Wed Oct 22, 2014 9:41 am

You cannot add routes by DNS name ..
Traffic wrote:Where:

host-ip-address-A: is the ip address of the host you want to contact directly

volher
OpenVpn Newbie
Posts: 5
Joined: Mon Sep 29, 2014 4:17 pm

Re: Host exceptions in client config to bypass VPN

Post by volher » Wed Oct 22, 2014 11:02 am

Well, I looked up the man and it says:

--route network/IP [netmask] [gateway] [metric]
Add route to routing table after connection is established. Multiple routes can be specified. Routes will be automatically torn down in reverse order prior to TUN/TAP device close.
This option is intended as a convenience proxy for the route(8) shell command, while at the same time providing portable semantics across OpenVPN's platform space.

netmask default -- 255.255.255.255

gateway default -- taken from --route-gateway or the second parameter to --ifconfig when --dev tun is specified.

The default can be specified by leaving an option blank or setting it to "default".

The network and gateway parameters can also be specified as a DNS or /etc/hosts file resolvable name

but it didn't work, so maybe you are right. You said [gateway] was my local IP, is that the IP of my computer in the LAN or doesn't gateway rather refer to the router?

volher
OpenVpn Newbie
Posts: 5
Joined: Mon Sep 29, 2014 4:17 pm

Re: Host exceptions in client config to bypass VPN

Post by volher » Wed Oct 22, 2014 11:07 am

It does work:

route mail.gmx.net 255.255.255.255 LAN-IP-of-the-router

Thanks!

Traffic
OpenVPN Protagonist
Posts: 4066
Joined: Sat Aug 09, 2014 11:24 am

Re: Host exceptions in client config to bypass VPN

Post by Traffic » Wed Oct 22, 2014 12:17 pm

volher wrote:route mail.gmx.net
This is considered to be a security risk .. but it's up to you how you manage your network.

Traffic
OpenVPN Protagonist
Posts: 4066
Joined: Sat Aug 09, 2014 11:24 am

Re: Host exceptions in client config to bypass VPN

Post by Traffic » Wed Oct 22, 2014 12:21 pm

volher wrote:You said [gateway] was my local IP, is that the IP of my computer in the LAN or doesn't gateway rather refer to the router?
Traffic wrote:local-real-ip-address-B: is the real IP address of your computer (not the VPN address)
Yes, you are right .. that should be the local-real-ip-address-of-gateway of your LAN (not the VPN address).
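
An added example, not code from the thread or from the OpenVPN project: a small Python check that scans a client config for `route` lines whose network or gateway is a DNS name (the risk Traffic mentions) and for lines that name an explicit gateway, which sends that traffic outside the tunnel when the gateway is the LAN router. The sample config, the router address 192.168.110.1, the name gw.lan.example and the finding labels are constructed for illustration.

```python
import ipaddress

# Special values OpenVPN accepts in place of an address in a route directive.
ROUTE_KEYWORDS = {"default", "vpn_gateway", "net_gateway", "remote_host"}

# Constructed sample client config (addresses from documentation ranges).
SAMPLE = """\
client
dev tun
remote vpn.example.net 1194
# host exceptions
route mail.gmx.net 255.255.255.255 192.168.110.1
route 203.0.113.25 255.255.255.255 net_gateway
route 10.8.0.0 255.255.255.0
route 198.51.100.7 255.255.255.255 gw.lan.example
"""

def is_ip(token):
    """True if token is an IPv4/IPv6 literal rather than a name."""
    try:
        ipaddress.ip_address(token)
        return True
    except ValueError:
        return False

def audit_routes(config_text):
    """Return (line_no, finding) pairs for route directives worth reviewing."""
    findings = []
    for line_no, raw in enumerate(config_text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()        # drop comments
        if not line or line.startswith(";"):
            continue
        tokens = line.split()
        if tokens[0] != "route" or len(tokens) < 2:
            continue
        network = tokens[1]
        gateway = tokens[3] if len(tokens) > 3 else "default"
        if network not in ROUTE_KEYWORDS and not is_ip(network):
            findings.append((line_no, "dns-network"))    # target depends on a DNS answer
        if gateway not in ROUTE_KEYWORDS and not is_ip(gateway):
            findings.append((line_no, "dns-gateway"))    # next hop depends on a DNS answer
        if gateway not in ("default", "vpn_gateway"):
            findings.append((line_no, "explicit-gateway"))  # may leave outside the tunnel
    return findings

if __name__ == "__main__":
    for line_no, finding in audit_routes(SAMPLE):
        print(f"line {line_no}: {finding}")
```
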
