Community discussions

MUM Europe 2020
 
bigguns
Member Candidate
Member Candidate
Topic Author
Posts: 238
Joined: Thu Apr 01, 2010 9:03 am

Using VPN for particular sites only

Thu May 03, 2012 4:58 pm

Hi there,
I was wondering if someone could help me. I would like to a VPN PPTP or L2TP connection for only certain sites (i.e. on demand). But all other web traffic routed as per normal.

Could someone help me how I'd go about doing this.
 
jandafields
Forum Guru
Forum Guru
Posts: 1514
Joined: Mon Sep 19, 2005 6:12 pm

Re: Using VPN for particular sites only

Thu May 03, 2012 5:07 pm

Hi there,
I was wondering if someone could help me. I would like to a VPN PPTP or L2TP connection for only certain sites (i.e. on demand). But all other web traffic routed as per normal.

Could someone help me how I'd go about doing this.
Simply use routes to send certain sites over the vpn. You can get as complex as you want.
 
bigguns
Member Candidate
Member Candidate
Topic Author
Posts: 238
Joined: Thu Apr 01, 2010 9:03 am

Re: Using VPN for particular sites only

Sun May 06, 2012 12:24 am

Could you give an example of how to do this please - I'm struggling to setup this.

thank you
 
jandafields
Forum Guru
Forum Guru
Posts: 1514
Joined: Mon Sep 19, 2005 6:12 pm

Re: Using VPN for particular sites only

Sun May 06, 2012 1:37 am

Could you give an example of how to do this please - I'm struggling to setup this.

thank you
IP -> ROUTE
Add new route
Dst Address = Whatever IP(s) you want routed over the pptp link.
Gateway = Here you put the IP address of the remote PPTP server. Or, if router is your PPTP server, then you put the name of the interface.
 
CelticComms
Forum Guru
Forum Guru
Posts: 1766
Joined: Wed May 02, 2012 5:48 am

Re: Using VPN for particular sites only

Sun May 06, 2012 1:41 am

There are various ways to achieve this and the best depends on the detail of what you want to achieve. e.g. You could set up the routing table to support the VPN path for (say) routing mark "VPN". The routes involved will then show in the routing table with the "VPN" routing mark. You then have various ways to set that routing mark as clients make connections - could be based on the source IP, destination IP, type of traffic, in-interface etc. etc. .

If you can give more details on how/when you want to have the traffic use the VPN it would be easier to make suggestions.
Interlynx | Networking and Information Security Consultants & Trainers | Email: routerlynx@gmail.com
BGP | EIGRP | OSPF | MPLS | Firewall | VPN | IPsec | Multicast | QOS | IPv4/6 | STP | VLAN | PON | AE | M2M | and more!

 
bigguns
Member Candidate
Member Candidate
Topic Author
Posts: 238
Joined: Thu Apr 01, 2010 9:03 am

Re: Using VPN for particular sites only

Sun May 06, 2012 4:58 pm

Hi
Thanks for your replies.

Basically there are only specific webpages that I would like to route over VPN for example let's say google.com. Any times that someone in the LAN requests to visit google.com, that visit should be transported over VPN.
If there user remains on google.com - looking for search results or adjust the search results that should all be transported through the VPN - basically anything with google.com/* or *.google.com.

If that same user is looking at another webpage like hsbc.co.uk then that traffic is routed as per normal.
 
User avatar
warwick09
Member Candidate
Member Candidate
Posts: 190
Joined: Mon Aug 07, 2006 1:34 pm
Location: The Bahamas / Florida

Re: Using VPN for particular sites only

Mon May 07, 2012 6:36 am

Firstly google has soo many ip ranges, it'd be quite hard to effectively to apply routing marking in this case - you can certainly try however. :D

Here they are:

66.102.0.0 - 66.102.15.255
66.249.64.0 - 66.249.95.255
72.14.192.0 - 72.14.255.255
74.125.0.0 - 74.125.255.255
209.85.128.0 - 209.85.255.255
216.239.32.0 - 216.239.63.255
64.233.160.0 - 64.233.191.255

What you want can easily be accomplished my applying a routing mark to the given ip range and then creating a route with dst 0.0.0.0/0 with a routing mark which corresponds to what you created - Be sure to specify the gateway which is used by the vpn connection, or to be crude you can select the interface itself.

Who is online

Users browsing this forum: Google [Bot] and 67 guests