openvpn routing?

M

Maxim2018-08-01 18:18:33

openvpn

Maxim, 2018-08-01 18:18:33

openvpn routing?

There is a task to configure office work through OpenVPN. Everyone should go to the Internet through the VPN channel, but traffic to the 192.168.18.0/24 subnet should still go through the ISP. For a number of reasons, I can only use the settings on the server side. In theory, write something like push "route 192.168.18.0 255.255.255.0 10.10.1.1". But the gateway is not fixed and may change upon reboot. How to implement this?
I don't even know which way to go.

Reply

Answer the question

In order to leave comments, you need to log in

3 answer(s)

A

Alexander, 2018-08-01
@UPSA

I think everything is done on iptables
https://unixforum.org/viewtopic.php?t=115121

K

ky0, 2018-08-01
@ky0

Your local subnet will continue to work without route pushing - unless, of course, 192.168.18.0/24 matches the settings on office machines.

M

Maxim, 2018-08-02
@freezl

At the moment, nothing smarter has come up with

push "route 0.0.0.0 128.0.0.0"
push "route 128.0.0.0 192.0.0.0"
push "route 192.0.0.0 255.128.0.0"
push "route 192.128.0.0 255.224.0.0"
push "route 192.160.0.0 255.248.0.0"
push "route 192.169.0.0 255.255.0.0"
push "route 192.170.0.0 255.254.0.0"
push "route 192.172.0.0 255.252.0.0"
push "route 192.176.0.0 255.240.0.0"
push "route 192.192.0.0 255.192.0.0"
push "route 193.0.0.0 255.0.0.0"
push "route 194.0.0.0 254.0.0.0"
push "route 196.0.0.0 252.0.0.0"
push "route 200.0.0.0 248.0.0.0"
push "route 208.0.0.0 240.0.0.0"
push "route 224.0.0.0 224.0.0.0"

Such a list of routes allows you to "cut" the subnet 192.168.0.0/16. That is, packets to the 192.168.0.0/16 subnet will go to the default gateway of the router, and everything else will go to the server through the VPN.