LinuxQuestions.org
Go Job Hunting at the LQ Job Marketplace
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 05-31-2010, 01:42 AM   #1
Reactor89
LQ Newbie
 
Registered: May 2010
Posts: 2

Rep: Reputation: 0
Creating simultaneous network connections to a VPN and local area network.


Greetings linuxquestion.org

Background:

I'm working with a Ubuntu 10.04 LTS system with two network interfaces (both Ethernet).

The Idea: I wish to setup this system such that it is simultaneously connected to my local and an OpenVPN network and able direct traffic between the connections depending on what program is sending the traffic.

The problem: Under my current OpenVPN configuration all network traffic is directed to the VPN.

My OpenVPN config file (some details omitted)

--remote [gateway ip] # vpn12 load:
--remote [gateway ip] # vpn11 load:
--remote [gateway ip] # vpn15 load:
--remote [gateway ip] # vpn16 load:
--remote [gateway ip] # vpn8 load:
--remote [gateway ip] # vpn4 load:
--remote [gateway ip] # vpn13 load:
--remote [gateway ip] # vpn10 load:
--remote [gateway ip] # vpn7 load:

--auth-nocache
--auth-user-pass [username and password file]
--client
--ca ca.crt
--cert client.crt
--key client.key
--dev tun
--nobind
--topology subnet
--ns-cert-type server
--proto udp
--port 1194
--persist-key
--persist-tun
--ping 15
--ping-restart 45
--ping-timer-rem
--tls-client
--pull
--comp-lzo
--verb 3
--script-security 2

In practice, I would like OpenVPN to operate out of one of my two network interfaces and leave the other interface connected to the local network. Then by default all network traffic should be directed to my local network unless I specify (on a per program bases) that certain traffic should go though the VPN.

These two network connections can (should) stay completely independent of each other and do not need to talk to each other.

Can anyone provide me with instruction/direction on how I can achieve such a setup?

Constructive input is appreciated,
Reactor89
 
Old 05-31-2010, 07:30 PM   #2
SuperJediWombat!
Member
 
Registered: Apr 2009
Location: Perth, Australia
Distribution: Ubuntu/CentOS
Posts: 208

Rep: Reputation: 50
You need to look up policy based routing.

You will end up using iptables to mark outgoing packets going to a particular port, then using the mark with a routing rule forcing it to use your VPN interface, rather than the default gateway.

Read this: http://lartc.org/howto/index.html
 
1 members found this post helpful.
Old 06-03-2010, 01:52 AM   #3
Reactor89
LQ Newbie
 
Registered: May 2010
Posts: 2

Original Poster
Rep: Reputation: 0
Thanks SJW,

That's the guidance I needed to at least understand where I need to go. I still haven't pieced together my exact plan of attack for this issue but other problems with making my Openvpn connection reliability to deal with first. Once I iron out these other issues, I will come back to setting up the proper routing.

Reactor89
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
see the local area network vipin_jss Linux - Software 2 08-27-2007 06:50 PM
Local area network Anthony123 Linux - Laptop and Netbook 1 08-13-2003 06:00 AM
Local area network Anthony123 Linux - Networking 1 08-13-2003 05:59 AM
Multiple simultaneous VPN connections? chamitha Linux - Networking 3 08-29-2002 01:28 AM
Multiple simultaneous VPN connections? chamitha Linux - Newbie 1 08-28-2002 05:12 AM


All times are GMT -5. The time now is 05:05 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration