
I am connecting to the OpenVPN on Linux Mint and then:

  1. Instantly I can access my internal VPN resources, but I access Internet via VPN also, not via my own connection, so I enter:

sudo route add default gw 192.168.1.1 wlp3s0

  2. Then I can access Internet via my own connection (not via VPN), but I lose access to VPN internal resources.

  3. Then I enter:

route add -net 10.100.0.0 netmask 255.255.0.0 dev tun0

Now I access Internet via my own connection and VPN internal resources via VPN are accessible.

This is the routing on Linux machine after all the above steps:

$ route -v
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         funbox.home     0.0.0.0         UG    0      0        0 wlp3s0
default         _gateway        0.0.0.0         UG    50     0        0 tun0
default         funbox.home     0.0.0.0         UG    600    0        0 wlp3s0
10.8.0.0        _gateway        255.255.255.0   UG    50     0        0 tun0
10.8.0.1        _gateway        255.255.255.255 UGH   50     0        0 tun0
_gateway        0.0.0.0         255.255.255.255 UH    50     0        0 tun0
10.100.0.0      0.0.0.0         255.255.0.0     U     0      0        0 tun0
link-local      0.0.0.0         255.255.0.0     U     1000   0        0 wlp3s0
178.183.8.254.p funbox.home     255.255.255.255 UGH   600    0        0 wlp3s0
192.168.0.0     _gateway        255.255.0.0     UG    50     0        0 tun0
192.168.1.0     0.0.0.0         255.255.255.0   U     600    0        0 wlp3s0
funbox.home     0.0.0.0         255.255.255.255 UH    600    0        0 wlp3s0

It works great on Linux, but I am trying to achieve the same on Windows. The difference is that on Linux I am using Wi-Fi and on the Windows machine I am connected to the Internet via an Ethernet cable to the router.

On Windows I connect using OpenVPN software and now I can access my internal VPN resources and when I access Internet it is done via VPN, not my connection.

I tried entering the following on Windows:

route add 192.168.1.1 mask 255.255.255.255 192.168.1.10 (this is my internal IP assigned by router)
route add 10.100.0.0 mask 255.255.0.0 10.8.0.22 (this is my IP assigned by OpenVPN)

When I enter them then I lose access to the internal resources of VPN and also the Internet is still accessible via VPN.

This is the routing after connecting to OpenVPN:

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1     192.168.1.10     25
          0.0.0.0        128.0.0.0        10.8.0.21        10.8.0.22    281
         10.8.0.0    255.255.255.0        10.8.0.21        10.8.0.22    281
         10.8.0.1  255.255.255.255        10.8.0.21        10.8.0.22    281
        10.8.0.20  255.255.255.252         On-link         10.8.0.22    281
        10.8.0.22  255.255.255.255         On-link         10.8.0.22    281
        10.8.0.23  255.255.255.255         On-link         10.8.0.22    281
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    331
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    331
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    331
        128.0.0.0        128.0.0.0        10.8.0.21        10.8.0.22    281
    178.183.8.254  255.255.255.255      192.168.1.1     192.168.1.10    281
      192.168.0.0      255.255.0.0        10.8.0.21        10.8.0.22    281
      192.168.1.0    255.255.255.0         On-link      192.168.1.10    281
     192.168.1.10  255.255.255.255         On-link      192.168.1.10    281
    192.168.1.255  255.255.255.255         On-link      192.168.1.10    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    331
        224.0.0.0        240.0.0.0         On-link         10.8.0.22    281
        224.0.0.0        240.0.0.0         On-link      192.168.1.10    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    331
  255.255.255.255  255.255.255.255         On-link         10.8.0.22    281
  255.255.255.255  255.255.255.255         On-link      192.168.1.10    281

I tried editing the OpenVPN config file and commented out the line:

#redirect-gateway def1

then I can access Internet via my connection, but internal resources are not accessible and adding route add 10.100.0.0 doesn't help.

How can I make Internet accessible on Windows via my own connection and not lose access to internal VPN resources (as on Linux)?

1 Answer


Resolved the issue by editing the OpenVPN config file. Now I don't need to add any routes manually!

I have commented out the redirect-gateway def1 line:

#redirect-gateway def1

added a dhcp-option with DNS server:

dhcp-option DNS 10.100.20.10

and added a route just before 'pull' command:

route 10.100.0.0 255.255.0.0

Internet is accessible via my own connection and VPN internal resources via VPN connection, brilliant :)

  • For anyone else using the default Docker kylemanna/openvpn setup, your route should be: `route 192.168.0.0 255.255.0.0`. – kontextify Dec 11 '22 at 10:19
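
Why the configuration in the answer works, as an added example that is not part of the original posts: route selection picks the most specific matching prefix before it compares metrics, so the two /1 routes installed by `redirect-gateway def1` beat the LAN default route even though that route has the lower metric. The rows are copied from the Windows table in the question; the probe addresses 8.8.8.8 and 192.168.1.20, the function names, and the metric of the added 10.100.0.0 row are assumptions made for the illustration.

```python
import ipaddress

LAN, VPN = "192.168.1.10", "10.8.0.22"   # interface addresses from the question

# (destination, netmask, interface, metric): rows copied from the Windows table
FULL_TUNNEL = [
    ("0.0.0.0",       "0.0.0.0",         LAN, 25),
    ("0.0.0.0",       "128.0.0.0",       VPN, 281),   # added by redirect-gateway def1
    ("128.0.0.0",     "128.0.0.0",       VPN, 281),   # added by redirect-gateway def1
    ("10.8.0.0",      "255.255.255.0",   VPN, 281),
    ("178.183.8.254", "255.255.255.255", LAN, 281),
    ("192.168.0.0",   "255.255.0.0",     VPN, 281),
    ("192.168.1.0",   "255.255.255.0",   LAN, 281),
]

# Assumption: dropping redirect-gateway def1 removes only the two /1 routes.
NO_REDIRECT = [r for r in FULL_TUNNEL if r[1] != "128.0.0.0"]

# Assumption: "route 10.100.0.0 255.255.0.0" installs this row (metric constructed).
SPLIT_TUNNEL = NO_REDIRECT + [("10.100.0.0", "255.255.0.0", VPN, 281)]

def select_interface(table, destination):
    """Return the interface chosen by longest-prefix match, then lowest metric."""
    addr = ipaddress.ip_address(destination)
    candidates = []
    for dest, mask, iface, metric in table:
        net = ipaddress.ip_network(f"{dest}/{mask}")
        if addr in net:
            candidates.append((-net.prefixlen, metric, iface))
    if not candidates:
        raise LookupError(f"no route to {destination}")
    return min(candidates)[2]

def report(table):
    """Resolve three probes: a public host, the VPN DNS server, a home-LAN host."""
    probes = {"internet": "8.8.8.8", "vpn_dns": "10.100.20.10", "home_lan": "192.168.1.20"}
    return {name: select_interface(table, ip) for name, ip in probes.items()}

if __name__ == "__main__":
    for name, table in [("full tunnel", FULL_TUNNEL),
                        ("no redirect", NO_REDIRECT),
                        ("split tunnel", SPLIT_TUNNEL)]:
        print(name, report(table))
```

In the split-tunnel table only destinations covered by the remaining VPN routes travel inside the tunnel; all other traffic leaves through the local connection. The DNS server 10.100.20.10 stays reachable because it falls inside the added 10.100.0.0/16 route.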