search

OpenVPN Split tunneling

hashtag
Fundamental

For example, suppose a user utilizes a remote access VPN software client connecting to a corporate network using a hotel wireless network. The user with split tunneling enabled is able to connect to file servers, database servers, mail servers and other servers on the corporate network through the VPN connection. When the user connects to Internet resources (Web sites, FTP sites, etc.), the connection request goes directly out the gateway provided by the hotel network.

hashtag
Advantage

  • Alleviate bottlenecks and conserve bandwidth as Internet traffic does not have to pass through the VPN server.

  • A user works at a supplier or partner site and needs access to network resources on both networks throughout the day. Split tunneling prevents the user from having to continually connect and disconnect.

hashtag
Configuration

Goal:

  • Direct connect for most requests, don't use VPN

  • only requests from local client to 171.253.181.55 is in the tunnel, secure, encrypted

Current

  • OpenVPN server IP: 45.79.85.159 from us

  • client configuration file: client.ovpn

Config

$ vim client.ovpn
# Add 2 lines into beginning of this client config file
# route-nopull 
# route  171.253.181.55

hashtag
Reference

  1. https://en.wikipedia.org/wiki/Split_tunnelingarrow-up-right

  2. https://www.ibvpn.com/billing/knowledgebase/330/Split-Tunneling-for-OpenVPN-GUI.htmlarrow-up-right

PreviousNginx reloadNextNmap commands

Last updated