VPN - force a selective range of ip to run on VPN (linux)
Posted
by
Francesco
on Super User
See other posts from Super User
or by Francesco
Published on 2013-06-26T02:44:26Z
Indexed on
2013/06/26
4:23 UTC
Read the original article
Hit count: 481
Preface: I know there are similar question here and there however I'm a kind of newbie on Net stuff so I need an answer on this specific scenario, hoping that can help others too as it is a common problem
Let say I cannot do anything on the local switch to change the local ip range, I don't want to use any complicate trick as use VMachine to hide the local ip range but I want to use net tools to solve the issue.
Scenario
my local net assign me an IP of this class 192.168.1.xxx (ex. 192.168.1.116) and my VPN (VPNC) assign me IP of same class 192.168.1.xxx (ex. 192.168.1.247)
Obviously I need VPN to access local address (ex. 192.168.1.100) but when I open any address of the class 192.168.1.xx the route point to my local net and not to the VPN ones.
I'm on linux and i'd like gui solution (network manager) in case it is not possible let play with route
command.
here what network manager offer me:
Here my actual route once connected to the VPN:
Here some route information (route -n
)
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 0.0.0.0 0.0.0.0 U 0 0 0 ppp0
169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 wlan0
182.71.21.106 192.168.1.1 255.255.255.255 UGH 0 0 0 wlan0
182.71.21.106 192.168.1.1 255.255.255.255 UGH 0 0 0 wlan0
192.168.1.0 0.0.0.0 255.255.255.0 U 9 0 0 wlan0
192.168.1.246 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0
Here my ifconfig
:
ppp0 Link encap:Point-to-Point Protocol
inet addr:192.168.1.247 P-t-P:192.168.1.246 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1400 Metric:1
RX packets:3415 errors:0 dropped:0 overruns:0 frame:0
TX packets:2525 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:3682328 (3.6 MB) TX bytes:402315 (402.3 KB)
wlan0 Link encap:Ethernet HWaddr 4c:eb:42:06:a3:a6
inet addr:192.168.1.116 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::4eeb:42ff:fe06:a3a6/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:72598 errors:0 dropped:0 overruns:0 frame:0
TX packets:42300 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:76000532 (76.0 MB) TX bytes:13919400 (13.9 MB)
The Question So basically I would like to add a rule to force this particular address (192.168.1.100) on the VPN and not on my local net
© Super User or respective owner