How do I redirect certain traffic through the openVPN tunnel "Split tunnel"?

Question

I have an openvpn server residing in amazon cloud on subnet 172.168.1.0/24. I have another X-ec2 instance on another subnet 172.168.2.0/24. I am able to not route internet traffic through the VPN by removing

push "redirect-gateway def1"

on the server configuration file. My requirement is that all traffic to instances on amazon cloud on both subnets 172.168.1.0/24 & 172.168.2.0/24 to go through the vpn tunnel so I added in the server.conf

push "route 172.168.1.0 255.255.255.0 vpn_gateway 1"
push "route 172.168.2.0 255.255.255.0 vpn_gateway 2"

I am still unable to reach the X-ec2 instance from my client windows workstation connected to the vpn. Am I missing anything here?

I also came across this Samba Share Over OpenVPN, Split Tunneling? but I done the exact same as told.

score 1 · Answer 1 · answered Jul 08 '19 at 11:46

Managed to get this to work. I forget two configurations regarding routing.

Routing the clients traffic (https://www.sys-dev.cat/blog/3/) iptables -t nat -A POSTROUTING -s 10.10.1.0/24 -o eth0 -j MASQUERADE

Enable IP Forwarding in the /etc/sysctl.conf for persistence net.ipv4.ip_forward = 1

And in my server.conf I changed push "route 172.168.1.0 255.255.255.0 vpn_gateway 1" push "route 172.168.2.0 255.255.255.0 vpn_gateway 2"

                       to

push "route 172.168.1.0 255.255.255.0"
push "route 172.168.2.0 255.255.255.0"

Restart Server when changes done.

How do I redirect certain traffic through the openVPN tunnel "Split tunnel"?

1 Answers1