Jump to content
Not connected, Your IP: 18.117.188.105
Sign in to follow this  
shiro21

[SOLVED] Routing certain traffic outside of VPN

Recommended Posts

I currently enjoy the safety and anonymity of OpenVPN but would love to avoid the speed performance necessitated by the overhead. Don't get me wrong. The performance drop is not a reflection of AirVPN and the reduction in speed is reasonable. After all, pushing 20 Mbits down is impressive. But I am an unreasonable person and I want to get as close as top speed as I paid my ISP for.

Since I mainly use SFTP, FTPES (FTP SSL/TLS), and my USENET provider encrypts transfers, I figured there's no need to encrypt twice and pay the penalty. I recently tried a propriety OpenVPN client called Viscosity that makes it easy to reroute certain traffic outside the VPN tunnel. But to do that, the OpenVPN servers have to not specifically pull all traffic. During my tinkering, it seems AirVPN's servers are configured to pull all traffic, which under normal situations, is a good thing. Is this the case? If so, can I send a command script to not do that? I tried it and the servers pretty much stopped accepting my credentials for a while and I cried.

Share this post


Link to post

I currently enjoy the safety and anonymity of OpenVPN but would love to avoid the speed performance necessitated by the overhead. Don't get me wrong. The performance drop is not a reflection of AirVPN and the reduction in speed is reasonable. After all, pushing 20 Mbits down is impressive. But I am an unreasonable person and I want to get as close as top speed as I paid my ISP for.

Since I mainly use SFTP, FTPES (FTP SSL/TLS), and my USENET provider encrypts transfers, I figured there's no need to encrypt twice and pay the penalty. I recently tried a propriety OpenVPN client called Viscosity that makes it easy to reroute certain traffic outside the VPN tunnel. But to do that, the OpenVPN servers have to not specifically pull all traffic. During my tinkering, it seems AirVPN's servers are configured to pull all traffic, which under normal situations, is a good thing. Is this the case? If so, can I send a command script to not do that? I tried it and the servers pretty much stopped accepting my credentials for a while and I cried.

Hello!

Yes, we confirm that our servers push routes so that ALL the traffic will go in the encrypted tunnel. About your Usenet provider, using the VPN is useful if you wish to hide to that provider your real IP address, just in case...

Instead of refusing the push (which might make your OpenVPN client uneasy), you could rewrite the routing table after the connection, or you could rewrite your OpenVPN configuration file. As usual, proceed with caution. Any mistake can destroy your anonymity layer. Some ideas: http://dltj.org/article/openvpn-split-routing/

EDIT: This thread looks better http://forums.openvpn.net/topic8229.html

Kind regards

Share this post


Link to post

I figured it out!! (This is like the fourth time I come to you with questions but figured it out.)

Looking at your links about configuring files and routing tables looked daunting but familiar. Viscosity does allow you to mess with your routing table without knowing any scary command line codes. I just didn't know HOW to configure it. The articles you posted offered instructions on what values to put where. The problem I encountered was that I initially entered the wrong mask and gateway information.

I highly recommend Mac users use Viscosity as an alternative to Tunnelblick. It's only $9 but I think it's easier to use and faster.

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image
Sign in to follow this  

×
×
  • Create New...