OpenVPN Support Forum

Posted: **Tue Aug 04, 2020 6:30 pm**

I have a headless debian 10 system it has openvpn 2.4 installed and it has two physical interfaces:

eth0 - 192.168.1.155/24
eth1 - 192.168.2.155/24

eth0 is the primary interface and is the default gateway of the system:

Code: Select all

default via 192.168.1.1 dev eth0 onlink 
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.155 
192.168.2.0/24 dev eth1 proto kernel scope link src 192.168.2.155

I've configured the interface in a way requests/responses always go through the same interface.

Code: Select all

0:	from all lookup local 
32764:	from all to 192.168.2.155 lookup vpn 
32765:	from 192.168.2.155 lookup vpn 
32766:	from all lookup main 
32767:	from all lookup default

From this machine I want to start a VPN session, using openvpn client functionalities, to my VPN provider. I downloaded the .ovpn file from their website.
and using this .opvn file i am able to establish a VPN session. I noticed that the traffic of all interfaces, eth0 and eth1, now goes through the VPN tunnel. This is not what I want. I would like to bind the VPN session to a specific interface so that I can decide which application must use the VPN session and which not. The effect would be (with a active VPN session):

Code: Select all

eth0 -> home ISP IP
eth1 -> VPN Server IP

I've tried binding the client to an interface using the local parameter. But this does not seems to work.

Code: Select all

local 192.168.2.155

No errors occur but the logs tell me:

Code: Select all

...
Mon Aug  4 09:57:33 2020 /sbin/ip route add 185.153.176.222/32 via 192.168.1.1
...

Question #1: It my desired client configuration possible?
Question #2: How do I configure the openvpn client that a VPN session is only avaible through interface eth1.

Any advise is appreciated.

OpenVPN Support Forum

Configuration VPN session traffic through one specific interface

Configuration VPN session traffic through one specific interface