This is intended for users who understand SSH
.
This article demonstrates a method by which a VPN tunnel can be by-passed for local IP addresses; this is appropriate if you live in the UK and still want to use SKY or BBC IPlayer on specific devices, yet have other devices use the VPN. This article does not deal with setting up a VPN.
In this example a block of IP addresses from 192.168.1.128 to 192.168.1.255 will be set to bypass the VPN tunnel.
Log into SSH
cd /etc/openvpn
use ls
to identify the openvpn config file - it will end in .conf
edit the config file vi <MyOpenVPNConfig>.conf
where <MyOpenVPNConfig>.conf is your .conf file
search through the file for any route-pull
commands; if you find them comment them out by inserting a#
at the start of the line.
At the end of the file insert the following:
# # Insert Routing to bypass VPN tunnel # route-nopull route-noexec up /etc/openvpn/up-script.sh down /etc/openvpn/down-script.sh
exit and save the .conf file (ESC
, CTRL-Z
)
now create the up script:
vi up-script.sh
insert the following:
# ip rule add from 192.168.1.128/25 priority 10 table vpn ip route add 192.168.1.128/25 dev tun1 table vpn ip route add default via $ifconfig_remote dev tun1 table vpn ip route flush cache
Save & exit (ESC
, CTRL-Z
)
Now Create the Down script:
vi down-script.sh
insert the following:
# rm /etc/openvpn/up touch /etc/openvpn/down ip rule del from 192.168.1.128/25
Save & exit (ESC
, CTRL-Z
)
Change the 192.168.1.128/25 in all scripts to reflect the local IP addresses of the devices you want to be bypassing the VPN
Reboot
the router.