LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 08-26-2016, 08:39 PM   #1
RyanRahl
LQ Newbie
 
Registered: May 2011
Location: The Pacific Northwest
Distribution: Debian/Ubuntu
Posts: 7

Rep: Reputation: Disabled
Routing to VPN only for private addresses?


I'm working remotely to my job with connection to a vpn that is 1000s of miles away and frankly quite slow. When the VPN initializes it's connection all traffic is routed through said VPN, which is frustrating and I'd like my laptop to only route through the VPN to the private addresses in the VPN, everything else, through my normal gateway. I'm sure this is possible but I am not a network guru.
Before I'm connected to the VPN my network config looks like this
Code:
wlp3s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.27.15  netmask 255.255.255.0  broadcast 192.168.27.255
        inet6 fe80::ce3d:82ff:fe6f:361e  prefixlen 64  scopeid 0x20<link>
        ether cc:3d:82:6f:36:1e  txqueuelen 1000  (Ethernet)
        RX packets 6395669  bytes 7384490836 (6.8 GiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 3232495  bytes 603869217 (575.8 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
route looks like this
Code:
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.27.1    0.0.0.0         UG    600    0        0 wlp3s0
192.168.27.0    0.0.0.0         255.255.255.0   U     600    0        0 wlp3s0
192.168.122.0   0.0.0.0         255.255.255.0   U     0      0        0 virbr0
When I'm connected to the VPN my network config looks like this
Code:
wlp3s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.27.15  netmask 255.255.255.0  broadcast 192.168.27.255
        inet6 fe80::ce3d:82ff:fe6f:361e  prefixlen 64  scopeid 0x20<link>
        ether cc:3d:82:6f:36:1e  txqueuelen 1000  (Ethernet)
        RX packets 6351659  bytes 7319816201 (6.8 GiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 3207333  bytes 599099526 (571.3 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

tun0: flags=81<UP,POINTOPOINT,RUNNING>  mtu 1411
        inet 10.25.9.194  netmask 255.255.255.255  destination 1.1.1.1
        unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  txqueuelen 500  (UNSPEC)
        RX packets 273558  bytes 366601185 (349.6 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 167641  bytes 12699451 (12.1 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
route like this
Code:
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         10.25.9.194     128.0.0.0       UG    1      0        0 tun0
0.0.0.0         192.168.27.1    0.0.0.0         UG    600    0        0 wlp3s0
1.1.1.1         0.0.0.0         255.255.255.255 UH    0      0        0 tun0
128.0.0.0       10.25.9.194     128.0.0.0       UG    1      0        0 tun0
153.X.X.X      192.168.27.1    255.255.255.255 UGH   1      0        0 wlp3s0
192.168.27.1    192.168.27.15   255.255.255.255 UGH   1      0        0 wlp3s0
The goal is basically to route all traffic destined for 10.*.*.*, 172.16.*.* and a small possibility of a few subnets in 192.168.???.*

Any help with this would be amazing. thank you
 
Old 08-27-2016, 03:25 PM   #2
Mitt Green
Member
 
Registered: May 2014
Location: Europe
Posts: 199

Rep: Reputation: 116Reputation: 116
Hi,

You can add those private addresses to route like this:
Code:
sudo route add YOURIPHERE dev tun0
You can also specify a netmask before "dev tun0". Do you use SSH? For SSH with VPN there's some Ubuntu-specific documentation that might help you.
 
1 members found this post helpful.
Old 09-03-2016, 02:39 PM   #3
RyanRahl
LQ Newbie
 
Registered: May 2011
Location: The Pacific Northwest
Distribution: Debian/Ubuntu
Posts: 7

Original Poster
Rep: Reputation: Disabled
Hi, thanks for the reply. This is kind of what I am looking for but the other way around. When I connect to the VPN it sets up all my traffic to route through tun0. How do I change my default gateway on my local network interface (wlp3s0) to 192.168.27.1, and route all private addresses through tun0?
 
Old 09-04-2016, 05:17 AM   #4
Mitt Green
Member
 
Registered: May 2014
Location: Europe
Posts: 199

Rep: Reputation: 116Reputation: 116
Quote:
Originally Posted by RyanRahl View Post
Hi, thanks for the reply. This is kind of what I am looking for but the other way around. When I connect to the VPN it sets up all my traffic to route through tun0. How do I change my default gateway on my local network interface (wlp3s0) to 192.168.27.1, and route all private addresses through tun0?
Simply change tun0 to your interface (wlp3s0) in the example above.
 
  


Reply

Tags
centos, networking, routing, tun, vpn


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
VPN not routing through server but still local routing pptpd narnie Linux - Server 1 01-21-2014 07:03 PM
Application specific routing (not routing p2p over vpn) tkalfaoglu Linux - Networking 1 06-15-2013 07:33 AM
How do you determine how many IP addresses, which should be private and how to instal Cannan2468 Linux - Server 6 02-22-2008 10:09 AM
how to hide private IP addresses in mai lheaders manya Linux - Security 1 04-08-2005 04:22 PM
Evolution mail and private addresses... NetArch Linux - Security 0 12-30-2004 11:12 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 09:25 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration