3
1
I am using VPN (Cisco IPSec) through the default Mountain Lion network preferences. In Lion (and also i Snow Leopard), I did the following to change the routing back to using my default gateway for all traffic, and the set up a few routes for the specific IP-ranges that needed to go through VPN:
# Route traffic through VPN:
route -nv add -net IPRANGE -interface utun0
#...more lines for the different IP-ranges that should go through VPN)
# Route all other traffic through the old default gateway:
route change default DEFAULT-GATEWAY-IP
This seems to not work under Mountain Lion. The (new implementation?) of Cisco IPSec seems to dynamically add a lot of routes to the routing table as I visit them in the browser.
I have debugged this a lot (pinging, traceroute'ing), but still haven't found a solution.
The basic problem I'm trying to solve is just to route traffic for specific IP-ranges through VPN, everything else should act as I am not connected to VPN. Any other solution that achieves that will be fine with me =)
"This seems not to work" isn't a very good description of the problem. What exactly goes wrong? – David Schwartz – 2012-07-26T09:58:07.930
As I said, there seems to be added new (and more specific) routes for every domain I visit. This wasn't the case in Lion/Snow Leopard. This means that this method of changing the default route won't work, as there will be created new and more specific routes for every IP/domain I visit, and these takes over the default route. – Espen Herseth Halvorsen – 2012-07-26T10:11:07.960
are you using the built in ipsec client? Do you have send all traffic over the vpn checked ? By default anything should use the routing tables, make sure your default is set to where you think it should be and you don't have any more specific routes such as (0.0.0.0/1 and 128.0.0.0/1) – Doon – 2012-07-27T19:54:54.613
Yes, I'm using the built in Cisco IPSec. The option to send traffic on/not on the VPN connection is not present... – Espen Herseth Halvorsen – 2012-07-30T08:48:21.870