Windows – OpenVPN: Only route a specific IP address through VPN

openvpn, routing, tunnel, windows

On a remote private network there are two servers — a file server and a database server (these are both Win machines, in case it matters).

The file server has its own fairly robust authentication mechanisms, and allows me to connect directly from a remote location.

The database server uses a simple username and password, so to prevent unauthorized access, it's locked down to the local network — external traffic is blocked.

To access the database server, I'm using the OpenVPN client on Windows to connect to a VPN server on the private network.

By default, OpenVPN routes all network packets destined for the remote network on which the VPN server resides, through the VPN. Unfortunately, accessing the file server through the VPN is extremely slow!

Question:

How can I configure the OpenVPN client to ONLY route traffic through the VPN that is destined for a single, specific IP address — namely the database server?

Best Answer

The correct configuration for OpenVPN is:

route-nopull 
route 192.168.0.0 255.255.255.0

These entries belong in your .ovpn file and will direct all 192.168.0.* subnet traffic through the VPN.

For one IP only (192.168.0.1):

route-nopull 
route 192.168.0.1 255.255.255.255

BTW: route-nopull means "don't pull routes from the server"
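
A way to check which hosts each variant above sends through the tunnel before deploying the .ovpn file. This is an added example, not code from the original answer; the file server address 192.168.0.20 is constructed and assumed to sit on the same subnet as the database server.

```python
import ipaddress

# Client-side directives from the answer above (the two variants it gives).
SUBNET_CFG = "route-nopull\nroute 192.168.0.0 255.255.255.0\n"
HOST_CFG = "route-nopull\nroute 192.168.0.1 255.255.255.255\n"

DB_SERVER = "192.168.0.1"     # the single IP used in the answer
FILE_SERVER = "192.168.0.20"  # constructed address, assumed on the same subnet


def parse_routes(ovpn_text):
    """Return (route_nopull_present, [IPv4Network, ...]) for a client config.

    Only literal IPv4 routes are handled; hostnames or keywords raise ValueError.
    """
    nopull, routes = False, []
    for raw in ovpn_text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":   # blank line or OpenVPN comment
            continue
        tokens = line.split()
        if tokens[0] == "route-nopull":
            nopull = True
        elif tokens[0] == "route" and len(tokens) >= 2:
            # OpenVPN treats a route without a netmask as a single host.
            mask = tokens[2] if len(tokens) >= 3 else "255.255.255.255"
            routes.append(ipaddress.ip_network(f"{tokens[1]}/{mask}", strict=False))
    return nopull, routes


def via_vpn(ovpn_text, dest):
    """True if dest matches a route declared in the client config."""
    _, routes = parse_routes(ovpn_text)
    addr = ipaddress.ip_address(dest)
    return any(addr in net for net in routes)


if __name__ == "__main__":
    for name, cfg in (("subnet", SUBNET_CFG), ("host", HOST_CFG)):
        nopull, routes = parse_routes(cfg)
        print(f"{name}: route-nopull={nopull} routes={[str(r) for r in routes]}")
        for host in (DB_SERVER, FILE_SERVER):
            print(f"  {host} via VPN: {via_vpn(cfg, host)}")
```

On the connected Windows client, `route print` shows the routes that were actually installed. route-nopull also discards pushed DHCP options such as DNS servers, so names that only resolve through the VPN's DNS will need another resolver or a hosts entry.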
