Bypass OpenVPN for Select IP


Post by ipfire_user » August 25th, 2019, 5:01 pm

I have IPFire set up with a VPN using OpenVPN. All traffic is directed through the VPN and all is working as expected.

I now have a need for traffic from one of the internal IPs on the green network to route through the normal ISP connection versus being routed through the VPN.

As best I can tell, I'd need to add some ip rule and ip route entries for said IP. I think these could be added to rc.local.

For example:

/sbin/ip rule add from 192.168.0.75 lookup 100
/sbin/ip route add default dev red0 table 100

to route said traffic through the red0 interface versus the tun0 interface.

Is the above the correct syntax and is rc.local the correct place to put it?

Any other entries needed?

Thanks in advance.
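
An added example, not part of the post above and not from any poster: a dry-run helper that validates the source address, prints the two commands the post proposes, and audits `ip rule show` output so that only the intended host leaves outside the VPN. The function names are hypothetical and the sample rule listing is constructed; table 100, red0 and 192.168.0.75 are taken from the post, and the helper does not settle whether that syntax is right for this setup.

```shell
#!/bin/sh
# Added example. Table 100, red0 and 192.168.0.75 are from the first post;
# function names are hypothetical and SAMPLE_RULES is constructed.
TABLE=100

# Succeed only for a dotted-quad IPv4 address with every octet in 0..255.
# The body is a subshell so the IFS change stays local.
valid_ipv4() (
    case "$1" in
        ''|*[!0-9.]*|*..*|.*|*.) exit 1 ;;
    esac
    IFS=.
    set -- $1
    [ "$#" -eq 4 ] || exit 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || exit 1
    done
)

# Dry run: print the two commands from the post for one validated source.
plan_bypass() {
    valid_ipv4 "$1" || { echo "invalid IPv4 address: $1" >&2; return 1; }
    echo "/sbin/ip rule add from $1 lookup $TABLE"
    echo "/sbin/ip route add default dev red0 table $TABLE"
}

# Read `ip rule show` output on stdin; print each source sent to $TABLE.
bypass_sources() {
    awk -v t="$TABLE" '{
        src = ""; tab = ""
        for (i = 1; i < NF; i++) {
            if ($i == "from")   src = $(i + 1)
            if ($i == "lookup") tab = $(i + 1)
        }
        if (src != "" && tab == t) print src
    }'
}

# Print bypassing sources other than the expected host; fail if any exist.
unexpected_bypass() {
    extra=$(bypass_sources | grep -Fxv -- "$1" || true)
    [ -z "$extra" ] || { echo "$extra"; return 1; }
}

# Constructed sample of `ip rule show` output with one stray rule (.80).
SAMPLE_RULES='0: from all lookup local
32764: from 192.168.0.80 lookup 100
32765: from 192.168.0.75 lookup 100
32766: from all lookup main
32767: from all lookup default'
```

On the firewall itself, pipe the output of `ip rule show` into `unexpected_bypass 192.168.0.75`; a non-zero exit means some other source address is also being routed around the VPN.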

Re: Bypass OpenVPN for Select IP

Post by SmithJ » August 26th, 2019, 6:42 pm

route-nopull
route 192.168.0.0 255.255.255.0

These entries belong in your .ovpn file and will direct all 192.168.0.* subnet traffic through the VPN.

For one IP only (192.168.0.1):

route-nopull
route 192.168.0.1 255.255.255.255

Re: Bypass OpenVPN for Select IP

Post by ipfire_user » August 26th, 2019, 7:04 pm

Thanks for the reply. Not sure I'm following properly but those commands seem to be the reverse of the request?

Those examples would seem to only route the selected subnet or IP through the VPN versus the original request of only routing one IP outside the VPN and through the ISP connection.

Could you please clarify?

Thanks!
