You are not logged in.
- Topics: Active | Unanswered
#1 2017-11-13 01:48:07
- BasT
- Member
- Registered: 2010-08-28
- Posts: 117
OpenVPN to not be used by default
I have setup an OpenVPN connection, which by default redirects all traffic through the VPN tunnel.
However I would to like the VPN to be ignored by default. Only applications that are set to specifically use the "tun0" network device should use VPN. I believe I have to change the routes to archive this but I haven't figured out how.
Before the VPN connection is started the route list looks like this:
$ ip route list
default via 192.168.1.1 dev eno1 proto static metric 100
192.168.1.0/24 dev eno1 proto kernel scope link src 192.168.1.26 metric 100 After starting the VPN (which pulls routes from the VPN server):
$ ip route list
0.0.0.0/1 via 10.8.8.1 dev tun0
default via 192.168.1.1 dev eno1 proto static metric 100
10.8.8.0/24 dev tun0 proto kernel scope link src 10.8.8.12
128.0.0.0/1 via 10.8.8.1 dev tun0
184.145.66.233 via 192.168.1.1 dev eno1
192.168.1.0/24 dev eno1 proto kernel scope link src 192.168.1.26 metric 100 Starting the VPN client with
# openvpn --route-nopull --config /etc/openvpn/client/client.confcauses DNS to no longer work. But otherwise it might be what I need.
$ ip route list
default via 192.168.1.1 dev eno1 proto static metric 100
10.8.8.0/24 dev tun0 proto kernel scope link src 10.8.8.12
192.168.1.0/24 dev eno1 proto kernel scope link src 192.168.1.26 metric 100Last edited by BasT (2017-11-13 01:58:17)
Offline
#2 2017-11-13 07:22:32
- x33a
- Forum Fellow
- Registered: 2009-08-15
- Posts: 4,587
Re: OpenVPN to not be used by default
AFAIK, you need to specifically instruct OpenVPN to route all traffic through the tunnel. See https://openvpn.net/index.php/open-sour … l#redirect
You probably have these lines in your server configuration.
Offline
#3 2017-11-13 09:07:03
- BasT
- Member
- Registered: 2010-08-28
- Posts: 117
Re: OpenVPN to not be used by default
The server (which is not configured by me) has these lines. That's the problem. I want to configure the client to *not* use the tunnel by default, contrary to the server's pushed default settings.
Last edited by BasT (2017-11-13 09:08:19)
Offline
#4 2017-11-13 10:54:03
- lo1
- Member
- Registered: 2017-09-25
- Posts: 584
Re: OpenVPN to not be used by default
https://bbs.archlinux.org/viewtopic.php?id=231016 this has been dealed with in this topic.
Offline