OPNsense Forum
Archive => 18.7 Legacy Series => Topic started by: ranceh on August 24, 2018, 03:22:02 pm
-
I need some help finding a good how to so I can setup split tunneling with my openvpn setup that is already working through opnsense.
I have an issue at work when I vpn home for offsite testing of various items namely some of my work functionality is broken because the vpn is taking over all dns requests and in this case thats not quite what I want, so I'm asking for some help to find the right setting(s) to change.
After reading openvpn docs I think what I want to do is possible, but just don't see how to do it in opnsense. If openvpn is not the right tool, I'm willing to consider alternatives as well.
-
What client are you using to connect? As long as you aren't pushing all your traffic through the VPN, you should be able to do what you are asking.
I use a Mac and Viscosity and that gives me the option to push only certain DNS traffic through based on the domains and such.
It's not bad to get setup.
-
Im using Tunnelblick for mac.
-
I use the "Community GUI"
in the Advanced field I've added
push "block-outside-dns" so the client is forced to use DNS in the VPN
Then i push all the routes I need
push "route 10.8.1.0 255.255.255.0"
push "route 10.8.2.0 255.255.255.0"
...
It's not elegant use the Advanced field but it's quite comfortable
PS
I'm moving the routes management to RADIUS ... it's look promising
-
From what I remember, Tunnelblick doesn't do split DNS so you'd have to find another client, which is why I moved to Viscosity as I didn't want to write my up up / down scripts within Tunnelblick.
Link for the docs to set it up:
https://www.sparklabs.com/support/kb/article/configuring-dns-and-wins-settings/#split-dns