Per Application Routing w/ Multiple Interfaces

Yacko

I have a pc with multiple connections that looks like this:

[Internet] -- [Router] -- [LAN] -- [PC] -- [VPN Tunnel] -- [remote network] -- [Router] -- [Internet]

OK, by default on the PC everything goes through the LAN to get to the internet. The routes specify that the LAN interface is the primary interface and the VPN Tunnel is a lower priority. What I want to do is have some programs use the VPN Tunnel to get to the internet instead of using the LAN (don't ask).

I was hoping to find some program on SourceForge or something that could do per-program routing. There is no proxy on the VPN tunneled side so I can't tell it to use this.

Anyone have any ideas how to get this set up?
 
Just to get this straight: you are hoping to get certain apps to go through your VPN while others go directly through your ISP and not the VPN?
 
Yes that is correct. Although the VPN still goes through my ISP it would go through the VPN tunnel to the VPN Endpoint and to the internet that way instead of directly through my ISP.
 
delemorte said:
and you only have one IP from your ISP?

That is correct. The PC has 2 addresses.

Public Address [Interface on the Internet]
Private Address [Interface for the VPN Tunnel]

By default, all Internet connections use the public address to get to the internet.

But for some applications, Yahoo Messenger for instance, I want to go over the VPN Tunnel and then to the internet. I have the tunnel working and through routing I can set up some connections to use it, but it would be easier if there was a program or something that said, "if it's this program then use this interface". Does such a program exist?
 
I played with some connection teaming software some months ago that promised this type of functionality, but I was never able to get it to work. As for any personal experience I have, once you establish a secure connection via VPN all traffic is routed through that connection and therefore all security and user policies would be in effect.
 
Some VPNs allow you to do split tunneling. Most are based off of a subnet list, i.e. you define a list of subnets that go to the VPN and all others go out your internet connection.

There are some security risks associated with doing this. One good reason is you might not want the extra overhead of Internet traffic coming over the VPN and then back out to the internet. Most implementations I have seen are NOT split because of the security concern.
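
The subnet-list split tunneling described in the last reply, as an added example that is not code from anyone in the thread: a small route-selection model (longest prefix first, then lowest metric) plus a check for whether a table is split-tunneled. The interface names `lan` and `vpn`, the metrics and all addresses are constructed assumptions.

```python
import ipaddress
from typing import NamedTuple

class Route(NamedTuple):
    network: ipaddress.IPv4Network
    interface: str   # "lan" / "vpn" are assumed names, not from the thread
    metric: int      # lower metric wins among equally specific routes

def route(cidr, interface, metric):
    return Route(ipaddress.ip_network(cidr), interface, metric)

# Constructed table matching the setup in the thread: LAN is the primary
# default route, the VPN default route has a lower priority, and one
# subnet from a split-tunnel list is pinned to the VPN.
ROUTES = [
    route("0.0.0.0/0", "lan", 10),
    route("0.0.0.0/0", "vpn", 20),
    route("10.8.0.0/16", "vpn", 1),
    route("192.168.1.0/24", "lan", 1),
]

def select_route(dst, routes):
    """Pick the route for a destination: longest prefix, then lowest metric."""
    addr = ipaddress.ip_address(dst)
    candidates = [r for r in routes if addr in r.network]
    if not candidates:
        raise LookupError(f"no route to {dst}")
    return min(candidates, key=lambda r: (-r.network.prefixlen, r.metric))

def is_split_tunnel(routes, vpn_if="vpn"):
    """True when the winning default route leaves by a non-VPN interface."""
    defaults = [r for r in routes if r.network.prefixlen == 0]
    if not defaults:
        return False
    return min(defaults, key=lambda r: r.metric).interface != vpn_if

def add_split_subnet(routes, cidr, vpn_if="vpn"):
    """Return a new table with one more subnet sent through the VPN."""
    return routes + [route(cidr, vpn_if, 1)]

if __name__ == "__main__":
    for dst in ("10.8.3.4", "192.168.1.20", "203.0.113.7"):
        print(dst, "->", select_route(dst, ROUTES).interface)
    print("split tunnel:", is_split_tunnel(ROUTES))
```

The lookup takes only the destination address as input, so two programs contacting the same address always leave by the same interface.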
 