Route only certain IP range with VPN connection
I used this question to help me out and it turned out I needed one extra command.
Basically the working solution for Mac OS X 10.11.6 goes as follows:
sudo route delete -net default -interface ppp0
sudo route add -net 0.0.0.0 -interface en0
sudo route add -net 172.20.0.0 -netmask 255.255.0.0 -interface ppp0
Which basically means:
- Delete default route on interface ppp0 which was set by FortiClient
- Add default route for every IP on your default interface (for me en0)
- Route the specific IP range through ppp0 (FortiClient) interface.
Linux equivalent, as mentioned in the question, is:
sudo route del default ppp0
sudo route add -net 172.20.0.0 netmask 255.255.0.0 dev ppp0
So you actually skip the step #2.
Not that hard in the end.
Atais
Updated on September 18, 2022
Comments
-
Atais over 1 year
We are using FortiClient to connect to one of our client's VPN. Unfortunately, FortiClient is routing all the traffic over VPN as default.
We have found a way around it, for Linux. After connecting with VPN we run:
sudo route del default ppp0
sudo route add -net 172.20.0.0 netmask 255.255.0.0 dev ppp0
And now, only the addresses starting with 172.20.x.x are resolved over VPN connection.
Now, I am using FortiClient 5.4 on Mac OS X 10.11.6 and I am trying to remake the above to work on Mac OS X. Basically I have problems even with the first step. I have tried:
sudo route delete -net default -ifp ppp0
But the routing still does not work as expected. Easy to test, because there is no Internet connection behind the VPN - I cannot browse/ping any website :-).
What am I doing wrong? Thanks for help!
-
harrymc almost 8 years
See the script in this answer.
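A way to confirm that the routes from the answer above produce a split tunnel, as an added example that is not part of the original posts: it does a longest-prefix match over Linux `route -n` output and checks that only 172.20.0.0/16 leaves through ppp0. The two routing tables are constructed samples, and the function names `ip2int`, `egress_iface` and `check_split_tunnel` are hypothetical.

```shell
#!/bin/sh
# Constructed `route -n` output (Linux), not captured from a real host.
# FULL: the VPN client's default route on ppp0 wins (lower metric).
FULL_TABLE='Destination  Gateway      Genmask        Flags Metric Ref Use Iface
0.0.0.0      0.0.0.0      0.0.0.0        U     0      0   0   ppp0
0.0.0.0      192.168.1.1  0.0.0.0        UG    100    0   0   eth0
192.168.1.0  0.0.0.0      255.255.255.0  U     100    0   0   eth0'
# SPLIT: after `route del default ppp0` and the 172.20.0.0/16 route add.
SPLIT_TABLE='Destination  Gateway      Genmask        Flags Metric Ref Use Iface
0.0.0.0      192.168.1.1  0.0.0.0        UG    100    0   0   eth0
172.20.0.0   0.0.0.0      255.255.0.0    U     0      0   0   ppp0
192.168.1.0  0.0.0.0      255.255.255.0  U     100    0   0   eth0'

ip2int() {  # dotted quad -> 32-bit integer
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    echo $(( ($1 << 24) + ($2 << 16) + ($3 << 8) + $4 ))
}

# egress_iface DEST TABLE: longest-prefix match, lowest metric breaks ties.
egress_iface() {
    dst=$(ip2int "$1"); best_mask=-1; best_metric=0; best_if=none
    while read -r net gw mask flags metric ref use ifc; do
        case $net in [0-9]*) ;; *) continue ;; esac   # skip header lines
        n=$(ip2int "$net"); m=$(ip2int "$mask")
        [ $(( dst & m )) -eq $(( n & m )) ] || continue
        if [ "$m" -gt "$best_mask" ] ||
           { [ "$m" -eq "$best_mask" ] && [ "$metric" -lt "$best_metric" ]; }; then
            best_mask=$m; best_metric=$metric; best_if=$ifc
        fi
    done <<EOF
$2
EOF
    echo "$best_if"
}

# Succeeds only when the VPN range uses ppp0 and other traffic does not.
# 203.0.113.10 is a documentation address standing in for "the Internet".
check_split_tunnel() {
    [ "$(egress_iface 172.20.5.9 "$1")" = ppp0 ] &&
    [ "$(egress_iface 203.0.113.10 "$1")" != ppp0 ]
}

if check_split_tunnel "$SPLIT_TABLE"; then echo "split tunnel OK"; fi
```

On a live Linux host the same check can be fed the real table with `check_split_tunnel "$(route -n)"`; the macOS `netstat -rn` layout differs and would need its own column mapping.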