Use VPN only for Internet access and not LANs

[slym]

Hi there,

I'm trying to find a way to only route the internet traffic though the VPN connection and not LAN traffic.

This is already working for LAN in the same subnet as my workstation but not for LANs with different subnets.

It's quite simple to understand since the local default gateway is replaced with the VPN gateway.

Is there a way to do that without changing managing manually the routes ?

Basically, all LAN traffic with Private IPs should use the LAN gateway. All public IPs traffic should be routed through the VPN gateway.

Thank you for your help.

Setup : Virtual Hub with SecureNat + Virtual DHCP

[qupfer]

slym wrote:

> Is there a way to do that without changing managing manually the routes ?

Short Answer: No

Long Answer: No, but maybe you could use instead of VirtuaNAT a "bridge" and a own DHCP server, which is serving correct routes.

[nafne011]

Don't use SecureNat, it slows the things. Use LocalBridge and dnsmasq instead, it'll

prevent dns leaks also. Good howto http://blog.lincoln.hk/blog/2013/05/17/softether-

on-vps-using-local-bridge/

[slym]

Thank you for your answers.

I'm all about simplicity and SecureNat is already pretty fast for what I do so I'm not sure to be ready to use dnsmasq.

I may just make a connect/disconnect script that adds/removes the routes.

I'm quite disappointed. I really thought that there would be an easier way such as an advanced option in the product.

[thisjun]

If you don't need routing on client side LAN, please try to use accesslist function to deny to access to server side LAN.