[Openswan Users] Using a VPN connection for only certain traffic

Paul Wouters paul at xelerance.com
Wed Mar 28 19:19:54 EDT 2007

On Wed, 28 Mar 2007, baron.openswan at mailnull.com wrote:

> Forgive me if this has already been covered, but I had a question about
> L2TP over IPSec client configurations. I currently have a working
> VPN that's using IPSec and L2TP. My clients are either XP or OSX.
> Right now, when a client is connected, all traffic is routed throught that
> VPN connection. As you might imagine, things aren't quite as fast since the
> server is sitting on a DSL link and more importantly, I only need certain traffic
> to pass through that VPN connection to get to my systems.
> Is it possible to configure the client (or by some other means) such that only
> traffic destined for a certain domain (i.e., mydomain.com) goes through the
> VPN tunnel and all other traffic does not use the VPN?

Yes. Both Windows and OSX have the option for "sending all traffic over tunnel"
which you can turn off. For XP it is in the Advanced TCP/IP properties of the
VPN connection. For OSX, you need to be in the Internet Connect VPN listing,
and find the option from the pull down menu at the top (not the most logical
place to have to look)

Building and integrating Virtual Private Networks with Openswan:

More information about the Users mailing list