OpenVPN Split Tunneling?

Greetings all,

I have enabled the OpenVPN Server on a new BE9300 router (firmware v4.8.4), and I can successfully connect remote clients to it.

However, I cannot figure out how to configure it for LAN-only split-tunneling on the server side such that:

#1: VPN clients route LAN subnets through the tunnel (and can therefore see/access other clients on the router's LAN)
#2: VPN clients do NOT route normal Internet traffic through the tunnel, but instead use their own direct Internet connection

I was able to accomplish #1 by turning ON the "Allow Remote Access to the LAN Subnet" switch in the "Options" dialog of the router's OpenVPN Server Setup page. Works perfectly.

However, I cannot figure out how to achieve #2 without disabling #1. I tried adding the "pull-filter ignore redirect-gateway" option to the client configuration file. That achieved #2, but disabled #1.

In my (admittedly limited) experience with other routers, there has always been the option to allow clients "LAN access" or "LAN access AND Internet access" via the tunnel.

Has anyone figured out how to use a GL iNet router in this configuration?

Hi

In the exported OVPN configuration file, you can add the following line in addition to pull-filter ignore redirect-gateway:

route 192.168.8.0 255.255.255.0

(Make sure to adjust the network and subnet mask according to your router’s configuration.)

This allows you to access the remote subnet while keeping your internet traffic routed through your own local connection.

For reference, here is the OpenVPN configuration documentation:

Thank you for your reply – that seems to have done it! I’ve bookmarked the OpenVPN 2.6 Manual page future reference.