I have L2TP VPN connection on my Ubuntu laptop and I want to connect to a server in my local network. How do I do so by bypassing the VPN connection?
Asked
Active
Viewed 6,065 times
5
-
1No idea what your VPN is running, but this option is sometimes referred to as "split tunnel". Some VPNs allow configuration of the client's routing automatically. – jscott Jan 31 '17 at 13:52
-
@jscott It's addon `L2TP` for NetworkManager and doesn't support the "split tunnel" you mentioned. It was nice finding about it though! – Alexander Suraphel Feb 07 '17 at 15:18
1 Answers
4
The solution was to modify the routing table in such a way that IPs in local network are routed via the default gateway:
sudo ip route add 10.11.0.0/16 via 10.66.157.1
Where 10.66.157.1 is the default gateway in my routing table. I found it via the command ip route.
Alexander Suraphel
- 495
- 5
- 13
-
That _is_ split tunneling. There are some VPN clients that actively search for and remove such routes. They don't allow split tunneling because it is a security risk. If your VPN is to a business network, then you may want to discuss this with your network administrators. – Ron Maupin Feb 07 '17 at 15:25
-
@RonMaupin oh ok. In my case, it's not to a business network. I would love to know why it is a security risk though. – Alexander Suraphel Feb 07 '17 at 15:28
-
A remote user could set up a connection to both the business an the Internet, and set up the PC so the it can route between the two. Then you have two problems. The first problem is that the remote PC could be compromised from the Internet, and the bad guys would have access into the business network. This happened to Target, and it cost them many millions of dollars. The other problem is that the user, having established this, can go into work and have unfettered access to the Internet through the remote PC, bypassing the network security and policies. – Ron Maupin Feb 07 '17 at 15:32
-
Also, if your question is not for a business, it is off-topic here. – Ron Maupin Feb 07 '17 at 15:33
-
That's an old fashioned way of defining "business network"... When using Kubernetes, your assumptions don't have to apply on business networks. – Akito Feb 14 '22 at 16:11