
I'm currently using a Barracuda VPN client to connect to a VPN, which sets a default gateway for the VPN, routing all traffic through it. I've read about iproute2 and secondary routing tables, but my question is: since I don't have access to the ranges that must be routed through the VPN, is there a way to set up a secondary routing table in such a way that if the primary table fails to resolve a destination, it will try the secondary table?

Thin_icE

1 Answer


Moved this from comment to answer, since I wanted to add a sentence and ran out of characters.

Not accessing doesn't necessarily mean fail. Nevertheless, can't you determine which subnets you use when you connect to the VPN? For example, if you access a server with the IP 10.20.30.40, you could add a static route for 10.20.30.0/24 through the VPN gateway and set the default gateway to your standard default gateway, the one used before connecting to the VPN.

Another possibility: if your local network is a home network using, for example, the 192.168.1.0/24 IP range, and you connect over the VPN to something using private IPs, you could quite safely add 10.0.0.0/8 and 176.16.0.0/12 as static routes through the VPN. So all non-routable traffic would try to reach its destination through the VPN. Routable traffic (i.e. Internet browsing) would also be possible.

Krackout
  • You're making perfect sense, but the thing is that it's not only private IPs, and I can't determine the full set of ranges (I would have to add AWS ranges, for example). Regarding your comment that not accessing doesn't necessarily fail, it doesn't bother me if every access that does not get a 200 response gets routed through the vpn, I just don't want everything to be sent there. – Thin_icE Feb 20 '21 at 22:50
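The static-route approach from the answer, as an added example that is not part of the original thread: a dry-run helper that prints the `ip route` commands for a split tunnel instead of executing them. The kernel picks the most specific matching prefix and does not retry another table after a connection fails, so the VPN prefixes have to be listed explicitly. The gateways, device names and the function names `valid_cidr` and `split_tunnel_cmds` are assumptions made for illustration.

```shell
#!/bin/sh
# Added example. Gateways, devices and prefixes below are constructed placeholders.

# Accept a.b.c.d/len with octets 0-255 and len 1-32. A /0 is rejected on
# purpose: routing 0.0.0.0/0 via the VPN would recreate the full tunnel.
valid_cidr() {
    case $1 in */*) ;; *) return 1 ;; esac
    addr=${1%/*}; len=${1#*/}
    case $addr in ''|*[!0-9.]*) return 1 ;; esac
    case $len in ''|*[!0-9]*|???*) return 1 ;; esac
    [ "$len" -ge 1 ] && [ "$len" -le 32 ] || return 1
    old_ifs=$IFS; IFS=.
    set -- $addr          # split the address into octets
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        case $o in ''|????*) return 1 ;; esac
        [ "$o" -le 255 ] || return 1
    done
}

# Print (do not run) the ip(8) commands for a split tunnel: default route back
# on the pre-VPN gateway, only the listed prefixes through the VPN.
split_tunnel_cmds() {
    [ $# -ge 5 ] || { echo "usage: orig_gw orig_dev vpn_gw vpn_dev prefix..." >&2; return 2; }
    orig_gw=$1; orig_dev=$2; vpn_gw=$3; vpn_dev=$4
    shift 4
    valid_cidr "$orig_gw/32" && valid_cidr "$vpn_gw/32" || { echo "bad gateway" >&2; return 1; }
    # Device names end up in a command line, so restrict their character set.
    case $orig_dev$vpn_dev in *[!A-Za-z0-9_.-]*) echo "bad device" >&2; return 1 ;; esac
    # Validate everything first so a bad prefix never yields a partial command list.
    for prefix in "$@"; do
        valid_cidr "$prefix" || { echo "bad prefix: $prefix" >&2; return 1; }
    done
    echo "ip route replace default via $orig_gw dev $orig_dev"
    for prefix in "$@"; do
        echo "ip route replace $prefix via $vpn_gw dev $vpn_dev"
    done
}

# Constructed demo: home LAN gateway 192.168.1.1 on eth0, VPN gateway 10.8.0.1 on tun0,
# the answer's 10.20.30.0/24 plus two RFC 1918 private ranges.
split_tunnel_cmds 192.168.1.1 eth0 10.8.0.1 tun0 10.20.30.0/24 10.0.0.0/8 172.16.0.0/12
```

Review the printed commands before running them as root; `ip route get 10.20.30.40` then shows which gateway and device a given destination will use.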