Split VPN for only one subnet or protocol
-
Hello,
We have Netgate appliances set up with OpenVPN that work fine. We checked "Force all client-generated IPv4 traffic through the tunnel." and it works as expected; however, we now need to split VPN traffic for MS Teams in order to let the "media streams" flow directly to/from Microsoft to reduce latency.
All the docs I found for split tunneling show the opposite: define what traffic goes through the tunnel (by providing routes and disabling "Force all client-generated IPv4 traffic through the tunnel.").
Can I push routes to the client to override "Force all client-generated IPv4 traffic through the tunnel.", or is there another way to set exceptions?
Thank you
Patrick
-
@redfish Is it just Teams or do you want to have ONLY your private LAN traffic to go through the tunnel and all other traffic bypass VPN?
-
@michmoor
Hello,
For the time being it is just Teams (and only the media flow, 13.107.64.0/18 being one of the ranges). We may add some other exceptions later, but the default rule is for remote users to use the VPN for all traffic (except Teams media for now).
Thank you
-
@redfish I think something like this:
push "route 13.107.64.0 255.255.192.0 net_gateway"
-
Thank you, that made it.
I did not expect that I could use Client Specific Overrides to add a route on top of "Force all client-generated IPv4 traffic through the tunnel."
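
Since more exceptions may be added later, the following is an added example (not part of the thread and not Netgate or OpenVPN code) that turns a list of CIDR ranges into `net_gateway` push lines and refuses ranges that would weaken the full-tunnel policy. `TUNNEL_ONLY`, `MIN_PREFIX` and the 203.0.113.x ranges are constructed assumptions; only 13.107.64.0/18 comes from the thread.

```python
import ipaddress

# Assumption: networks that must never bypass the VPN (constructed values;
# replace with the site's real internal ranges).
TUNNEL_ONLY = [ipaddress.ip_network(n)
               for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Assumption: refuse any exception broader than a /16, so a typo such as
# 0.0.0.0/0 cannot silently undo "force all traffic through the tunnel".
MIN_PREFIX = 16


def bypass_routes(cidrs):
    """Return OpenVPN push lines routing the given IPv4 ranges via the
    client's local gateway instead of the tunnel."""
    nets = []
    for cidr in cidrs:
        # strict=True rejects entries with host bits set (e.g. 13.107.64.1/18)
        net = ipaddress.ip_network(cidr.strip(), strict=True)
        if net.version != 4:
            raise ValueError(f"{cidr}: only IPv4 ranges are handled here")
        if net.prefixlen < MIN_PREFIX:
            raise ValueError(f"{cidr}: broader than /{MIN_PREFIX}")
        for protected in TUNNEL_ONLY:
            if net.overlaps(protected):
                raise ValueError(f"{cidr}: overlaps tunnel-only {protected}")
        nets.append(net)
    # Merge adjacent or duplicate ranges so the client gets the fewest routes.
    merged = ipaddress.collapse_addresses(nets)
    return [f'push "route {n.network_address} {n.netmask} net_gateway"'
            for n in merged]


if __name__ == "__main__":
    # 13.107.64.0/18 is the range from the thread; the others are constructed.
    for line in bypass_routes(["13.107.64.0/18",
                               "203.0.113.0/25", "203.0.113.128/25"]):
        print(line)
```

Each rejected entry raises `ValueError`, so a bad range stops the list from being generated rather than ending up in the pushed configuration.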