How to Route Only Specific Address Ranges Through VPN Using openfortivpn

Purpose: This guide explains how to configure routing so that only necessary IP address ranges go through the VPN interface (ppp0), while the default internet traffic uses the regular network interface (eth0). This avoids routing all traffic through the VPN and limits VPN usage to required subnets.

Steps:

  1. Change the default route to go through the main network interface (eth0) instead of the VPN interface (ppp0):

    ip route replace default via 172.27.48.1 dev eth0

    Note: 172.27.48.1 is eth0's original gateway. (It is always(?) the same as the host address.)

  2. Add specific routes for the required address ranges to go through the VPN interface (ppp0). For example, to route traffic for A.B.C.D/E via the VPN:

    ip route add A.B.C.D/E dev ppp0

This setup ensures that only the specified subnet uses the VPN, while other traffic uses the regular network connection.
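
The two steps above as a small script, added here as an example (it is not part of the original gist). It validates the gateway, interface names and ranges, then prints the `ip route` commands instead of running them, so the plan can be reviewed before it is piped to a root shell. The function names, the file name and the sample range 10.20.0.0/16 are assumptions, and it uses `ip route replace` for the subnet routes where the steps use `ip route add`.

```sh
#!/bin/sh
# Added example (not from the gist): print, but do not run, the two routing steps.
# Hypothetical usage: sh split_routes.sh 172.27.48.1 eth0 ppp0 10.20.0.0/16 | sudo sh
# 10.20.0.0/16 is a constructed sample range.

# Dotted-quad IPv4 address with every octet in 0..255.
valid_ipv4() {
    case $1 in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split on dots; unquoted is safe, only digits and dots remain
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for o in "$@"; do
        [ "${#o}" -le 3 ] && [ "$o" -le 255 ] || return 1
    done
}

# ADDR/LEN with LEN in 1..32. /0 is refused: it would act as a second default
# route and send all traffic through the VPN, which is what this setup avoids.
valid_cidr() {
    case $1 in */*) ;; *) return 1 ;; esac
    valid_ipv4 "${1%/*}" || return 1
    plen=${1##*/}
    case $plen in ''|*[!0-9]*|???*) return 1 ;; esac
    [ "$plen" -ge 1 ] && [ "$plen" -le 32 ]
}

# Interface names are limited to characters that cannot break out of the command.
valid_ifname() {
    case $1 in ''|-*|*[!A-Za-z0-9_.-]*) return 1 ;; esac
}

plan_split_routes() {
    [ "$#" -ge 4 ] || { echo "usage: GW LAN_IF VPN_IF CIDR..." >&2; return 2; }
    gw=$1 lan_if=$2 vpn_if=$3
    shift 3
    { valid_ipv4 "$gw" && valid_ifname "$lan_if" && valid_ifname "$vpn_if"; } ||
        { echo "invalid gateway or interface name" >&2; return 1; }
    # Check every range first so a bad entry never yields a partial plan.
    for cidr in "$@"; do
        valid_cidr "$cidr" || { echo "rejected range: $cidr" >&2; return 1; }
    done
    echo "ip route replace default via $gw dev $lan_if"
    # replace rather than add, so re-running after a reconnect does not fail
    for cidr in "$@"; do echo "ip route replace $cidr dev $vpn_if"; done
}

if [ "$#" -gt 0 ]; then plan_split_routes "$@"; fi
```

After applying the printed commands, `ip route get <address>` reports which interface the kernel picks for that address, which confirms whether a given destination leaves via ppp0 or eth0.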
