I'm trying to setup a OpenVPN connection so that by default no traffic is sent through the VPN server. Traffic is only send through the VPN server if the program explicitly uses that interface.

If setup correctly, I expect I would get the following output from Terminal:

$ curl icanhazip.com
<LOCAL_IP>
$ curl --interface tun0 icanhazip.com
<SERVER_IP>

I'm working with a VPN server that sends some default routes that send most traffic over the VPN server, like the ones on vpngate, which is not what I want, however from the OpenVPN documentation, it seems simple enough to block the default routes to makes this work.

Just add this to the CLI:

--pull-filter ignore redirect-gateway

Or in the config file:

pull-filter ignore "redirect-gateway"

Trouble is when I do that, nothing is sent over the VPN server:

$ curl icanhazip.com
<LOCAL_IP>
$ curl --interface tun0 icanhazip.com
<LOCAL_IP>

I think I'm missing something. How can I get this to work?

Software:

• Ubuntu 18.04
• OpenVPN 2.4.4
• A vpngate OpenVPN config