How do I prevent OpenVPN from changing my default gateway?
Hi, i have a question about routing and OpenVPN.
I have an OpenVPN server account from a provider that I use as a VPN-solution. I have no control over the OpenVPN-server. I use Tunnelblick on OSX but I believe this is a pretty generic OpenVPN question. The server pushes some settings to my client and amongst other stuff it sends the "redirect-gateway def1" command which prevents OpenVPN from changing my default gateway but instead adds more specific routes so that my internet connection always uses the OpenVPN-server.
Connected to the server, a netstat -nr returns this:
0/1 10.9.0.1 UGSc 18 0 tun0
default 192.168.10.1 UGSc 2 0 en1
10.9/16 10.9.0.68 UGSc 28 0 tun0
10.9.0.68 10.9.0.68 UH 2 0 tun0
192.168.10.1 is my ordinary gateway and 0/1 is the OpenVPN-gateway.
But what I want to do is this:
When i connect to the OpenVPN server I want to let all my traffic keep flowing through my ordinary gateway 192.168.10.1 and only add routes for a few specific sites that should go trough the VPN. Since the server connection is activated at system startup I want the VPN to be connected but not used for other than those selected sites. This can be accomplished by changing the routes in OSX terminal manually but i want the OpenVPN client to do it automatically so I dont have to think about it.
Regards
Gunnar
I have an OpenVPN server account from a provider that I use as a VPN-solution. I have no control over the OpenVPN-server. I use Tunnelblick on OSX but I believe this is a pretty generic OpenVPN question. The server pushes some settings to my client and amongst other stuff it sends the "redirect-gateway def1" command which prevents OpenVPN from changing my default gateway but instead adds more specific routes so that my internet connection always uses the OpenVPN-server.
Connected to the server, a netstat -nr returns this:
0/1 10.9.0.1 UGSc 18 0 tun0
default 192.168.10.1 UGSc 2 0 en1
10.9/16 10.9.0.68 UGSc 28 0 tun0
10.9.0.68 10.9.0.68 UH 2 0 tun0
192.168.10.1 is my ordinary gateway and 0/1 is the OpenVPN-gateway.
But what I want to do is this:
When i connect to the OpenVPN server I want to let all my traffic keep flowing through my ordinary gateway 192.168.10.1 and only add routes for a few specific sites that should go trough the VPN. Since the server connection is activated at system startup I want the VPN to be connected but not used for other than those selected sites. This can be accomplished by changing the routes in OSX terminal manually but i want the OpenVPN client to do it automatically so I dont have to think about it.
Regards
Gunnar
jimmyray7
I don't think the client can override settings pushed down by the server.
ASKER
Correction, the VPN-gateway is ofc 10.9.0.1 nothing else.
So, can anybody confirm that you can't change settings pushed by server on the client?
So, can anybody confirm that you can't change settings pushed by server on the client?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Correct solution from forums.openvpn.net