    Route Specific Subnet Through OpenVPN

    Recently a customer sent an .ovpn file to connect to a server, which is on a private network.

    When I connect to the VPN, all my internet traffic gets routed via the VPN. I only want traffic to the server to get routed through the VPN.

    The .ovpn file had the following content:

    dev tun
    persist-tun
    persist-key
    data-ciphers AES-256-CFB8:AES-128-GCM:AES-256-CBC
    data-ciphers-fallback AES-256-CBC
    auth SHA256
    tls-client
    client
    resolv-retry infinite
    remote 12.15.1.112 9411 udp4
    nobind
    verify-x509-name "colmed-oci" name
    pkcs12 sok.p12
    tls-auth sok-tls.key 1
    remote-cert-tls server
    explicit-exit-notify

    To configure the OpenVPN client to route only specific traffic (e.g., 10.20.60.0/24) through the VPN while leaving the rest of the traffic on your regular internet connection, edit the .ovpn file and add the following to it:

    route 10.20.60.0 255.255.255.0
    pull-filter ignore "redirect-gateway"

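    The first line tells the VPN client to route traffic destined for 10.20.60.0/24 through the VPN.

    The second directive makes the client ignore any redirect-gateway option pushed by the server, which would otherwise send all traffic through the VPN. The filter is a prefix match, so variants such as redirect-gateway def1 are covered as well.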

    Verify Route

    To verify the route, use the command

    ip route

    You will see entries like the following:

    boby@sok-01:~$ ip route | grep "10.20.60"
    10.20.60.0/29 via 10.80.30.1 dev tun0 
    10.20.60.0/24 via 10.80.30.1 dev tun0 
    boby@sok-01:~$ 
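
An added example (not from the original post): a Python check that parses `ip route` output, reports which device carries traffic for a given address, and flags the catch-all routes that `redirect-gateway` would install. The sample tables are constructed; `eth0`, the 192.168.1.x addresses and the 10.80.30.0/24 tunnel subnet are assumptions.

```python
import ipaddress

# Constructed sample tables: eth0, 192.168.1.x and 10.80.30.0/24 are assumed.
SPLIT = """\
default via 192.168.1.1 dev eth0 proto dhcp metric 100
10.20.60.0/29 via 10.80.30.1 dev tun0
10.20.60.0/24 via 10.80.30.1 dev tun0
10.80.30.0/24 dev tun0 proto kernel scope link src 10.80.30.6
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.50
"""
# What the table looks like if "redirect-gateway def1" is NOT filtered out.
FULL = SPLIT + "0.0.0.0/1 via 10.80.30.1 dev tun0\n128.0.0.0/1 via 10.80.30.1 dev tun0\n"

# A default route, or the two half-default routes that def1 installs.
CATCH_ALL = {"0.0.0.0/0", "0.0.0.0/1", "128.0.0.0/1"}

def parse_routes(text):
    """Return [(network, device)] for each unicast line of `ip route` output."""
    routes = []
    for line in text.splitlines():
        fields = line.split()
        if "dev" not in fields[:-1]:
            continue  # blank line, or a route type without an outgoing device
        dest = "0.0.0.0/0" if fields[0] == "default" else fields[0]
        try:
            net = ipaddress.ip_network(dest, strict=False)
        except ValueError:
            continue  # first field is a keyword, not a destination
        routes.append((net, fields[fields.index("dev") + 1]))
    return routes

def device_for(routes, ip):
    """Pick the outgoing device by longest-prefix match (metrics ignored)."""
    addr = ipaddress.ip_address(ip)
    matches = [(net.prefixlen, dev) for net, dev in routes if addr in net]
    return max(matches)[1] if matches else None

def audit(text, tun="tun0"):
    """List every route bound to the tunnel and flag catch-all ones."""
    via_tun = [str(net) for net, dev in parse_routes(text) if dev == tun]
    return {"via_tun": via_tun,
            "full_tunnel": [n for n in via_tun if n in CATCH_ALL]}

if __name__ == "__main__":
    for name, table in (("split", SPLIT), ("full", FULL)):
        routes = parse_routes(table)
        print(name, audit(table), device_for(routes, "203.0.113.10"))
```

The `via_tun` list shows every route bound to the tunnel, so it also exposes any routes the server pushed on top of the one added locally.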
