Split Tunneling
Split Tunneling
But it seems I can't make split tunneling work.
I want that all internet traffic goes through my internet service provider and should not be routed through the VPN connection.
And the servers/machines of my company should be reached via VPN.
It's working fine on windows 10, so it's supported by our company/VPN.
Could you please help me ? Or isn't it possible ?
I tried this but it does not work (it seems that no website can be resolved, neither www.google.com nor a server of my company)
viewtopic.php?p=773#p773
Br
- Attachments
-
- Screenshot_20200616-193123.png (80.89 KiB) Viewed 1501 times
Re: Split Tunneling
With this configuration you can reach only the address 192.168.30.151.
You should add the routes for the corporate network (probably the network 192.168.30.0/24).
If your corporate networks are advised through a DHCP server you can follow these steps:
You should add the routes for the corporate network (probably the network 192.168.30.0/24).
If your corporate networks are advised through a DHCP server you can follow these steps:
- edit the VPN profile
- tap on "Options"
- select "Send DHCP INFORM request"
- save the changes
- edit the VPN profile
- tap on "IPv4 routes"
- use the "+" button to add the corporate networks
- save the changes
Re: Split Tunneling
Sorry, you are right, when using this option "Send DHCP INFORM request" I can reach the servers of my company via vpn.
But when I request www.google.com or www.someotherdomain.de all the traffic is routed through the vpn to my company.
I want that www.google.com or www.someotherdomain.de goes throuh my ISP (not through the vpn connection) and when I request servername_of_my_company.upper.local this should be send through the vpn connection.
When I want to reach my computers (within my home network), 10.0.0.x it's also not possible (do I have to add the routes manually)?
Is it possible to use also my DNS server so I can resolve mynotebook.local (10.0.0.1) ?
Now I have the following routes:
br
But when I request www.google.com or www.someotherdomain.de all the traffic is routed through the vpn to my company.
I want that www.google.com or www.someotherdomain.de goes throuh my ISP (not through the vpn connection) and when I request servername_of_my_company.upper.local this should be send through the vpn connection.
When I want to reach my computers (within my home network), 10.0.0.x it's also not possible (do I have to add the routes manually)?
Is it possible to use also my DNS server so I can resolve mynotebook.local (10.0.0.1) ?
Now I have the following routes:
br
- Attachments
-
- WhatsApp Image 2020-06-17 at 11.10.04.jpeg (38.83 KiB) Viewed 1494 times
Re: Split Tunneling
This happens because the DHCP in the corporate network advise also the public networks.
The only solution is to disable the "Send DHCP INFORM request" option and add the routes manually.
Probably the route 192.168.30.0/24 could be enough.
The corporate VPN push 2 DNS servers, so you must choose if you want to use these servers or ignore them.
You can change the DNS settings by editing the VPN profile and going to the "Options" section.
The only solution is to disable the "Send DHCP INFORM request" option and add the routes manually.
Probably the route 192.168.30.0/24 could be enough.
The corporate VPN push 2 DNS servers, so you must choose if you want to use these servers or ignore them.
You can change the DNS settings by editing the VPN profile and going to the "Options" section.
Re: Split Tunneling
hmm that's interesting: I disabled "Send DHCP INFORM request", but I still get the same routes and also can reach the servers of my company, but www.google.com still goes through the vpn connection, did I do something wrong?
As far as I understood you answer, reaching the companies server should no longer be possible (without adding the ipv4 route manually).
br
As far as I understood you answer, reaching the companies server should no longer be possible (without adding the ipv4 route manually).
br
Re: Split Tunneling
Without the "Send DHCP INFORM request" option you should get the same routes in the screenshot of your first post.
Then you can manually add the routes for the corporate network.
Then you can manually add the routes for the corporate network.
Re: Split Tunneling
Without the "Send DHCP INFORM request" I still get the same routes as posted here: viewtopic.php?p=1836&sid=e5ac98a6fa24ee ... 879b#p1836
So it seems enable or disable the "Send DHCP INFORM request" does not make any difference.
br
So it seems enable or disable the "Send DHCP INFORM request" does not make any difference.
br
Re: Split Tunneling
It's very strange.
Please, try to follow these steps:
Please, try to follow these steps:
- remove the VPN profile
- create a new VPN profile
- edit it
- tap on "IPv4 routes"
- unselect "Redirect gateway"
- tap on "+" button
- add the route 192.168.30.0/24
- save the changes
Re: Split Tunneling
Thank you very much, no it's working as expected!
Have a nice day.
Have a nice day.
Re: Split Tunneling
You're welcome.
Have a nice day you too.
Have a nice day you too.