Scheduled Maintenance: We are aware of an issue with Google, AOL, and Yahoo services as email providers which are blocking new registrations. We are trying to fix the issue and we have several internal and external support tickets in process to resolve the issue. Please see: viewtopic.php?t=158230

 

 

 

Networking: VPN Static Routing

Linux Kernel, Network, and Services configuration.
Post Reply
Message
Author
tsmith3480
Posts: 4
Joined: 2018-04-16 11:20

Networking: VPN Static Routing

#1 Post by tsmith3480 »

Here is my setup...

Debian Wheezy running as my gateway. It has 4 NICs, all configured to different subnets...
eth2 192.168.2.1
eth3 192.168.3.1
eth4 192.168.4.1
eth5 192.168.5.1

It is also used to connect to a USB modem which provides the internet and connects to a VPN...
usb-tap 192.168.10.2
tun0 172.21.22.126

Right now, all traffic going out to the internet tunnels through the VPN adapter. This was my initial intention, however, now that I have 3 additional NICs, I would like to have 2 of them route through the VPN tun0 adapter, i.e. eth2 and eth3, and have the other two route directly to the internet through the usb-tap adapter. I'm fairly certain this has to be done through static routes, but I have not been able to put my finger on how to do that yet. Any assistance would be greatly appreciated. Here is my current route table with the VPN connected:

# ip route show
0.0.0.0/1 via 172.21.22.1 dev tun0
default via 192.168.10.1 dev usb-tap
128.0.0.0/1 via 172.21.22.1 dev tun0
172.21.22.0/23 dev tun0 proto kernel scope link src 172.21.22.126
192.168.1.0/24 via 192.168.2.16 dev eth2
192.168.2.0/24 dev eth2 proto kernel scope link src 192.168.2.1
192.168.3.0/24 dev eth3 proto kernel scope link src 192.168.3.1
192.168.4.0/24 dev eth4 proto kernel scope link src 192.168.4.1
192.168.5.0/24 dev eth5 proto kernel scope link src 192.168.5.1
192.168.10.0/24 dev usb-tap proto kernel scope link src 192.168.117.2
209.107.210.128 via 192.168.10.1 dev usb-tap

#netstat -anr
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
0.0.0.0 172.21.22.1 128.0.0.0 UG 0 0 0 tun0
0.0.0.0 192.168.10.1 0.0.0.0 UG 0 0 0 usb-tap
128.0.0.0 172.21.22.1 128.0.0.0 UG 0 0 0 tun0
172.21.22.0 0.0.0.0 255.255.254.0 U 0 0 0 tun0
192.168.1.0 192.168.2.16 255.255.255.0 UG 0 0 0 eth2
192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth2
192.168.3.0 0.0.0.0 255.255.255.0 U 0 0 0 eth3
192.168.4.0 0.0.0.0 255.255.255.0 U 0 0 0 eth4
192.168.5.0 0.0.0.0 255.255.255.0 U 0 0 0 eth5
192.168.10.0 0.0.0.0 255.255.255.0 U 0 0 0 usb-tap
209.107.210.128 192.168.10.1 255.255.255.255 UGH 0 0 0 usb-tap

Thanks,
Tony

Post Reply