Losing connection with Unknown DTLS packet

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, Nov 28, 2016 at 7:42 PM, Stuart Luppescu <slu at ccsr.uchicago.edu> wrote:
> On Mon, 2016-11-28 at 16:34 -0800, Daniel Lenski wrote:
>> Why are you sending all your internet-bound traffic through the VPN
>> if it's not necessary to do so? Sounds like you want to do split
>> tunneling.
>
> I was not aware of this before but it sounds like a good thing to do.
> Do I just export those environment variables that start with
> CISCO_SPLIT_INC and start the script as usual?

Here's a tutorial on how to wrap the default vpnc-script to do split
tunneling: https://gist.github.com/jagtesh/5531300

If you only need to access a few hosts behind the VPN, then have a
look at vpn-slice, which I wrote to make this
simpler: http://github.com/dlenski/vpn-slice.

It's a Linux-only drop-in replacement for the vpnc-script. It ignores
the routing configuration sent by the VPN gateway, and only routes
traffic to specific hosts or subnets through the VPN, and leaves
everything else alone. For example:

    openconnect gateway.company.com \
      --script 'vpn-slice myhost myotherhost 192.168.0.0/16'

That will only route traffic to the two named hosts and one subnet
through the VPN. It will not change your DNS configuration either, but
it will do a DNS lookup for the two hosts using the VPN's DNS servers,
and add them to /etc/hosts, so that you can refer to them by name.

Dan



[Index of Archives]     [Linux Samsung SoC]     [Linux Rockchip SoC]     [Linux Actions SoC]     [Linux for Synopsys ARC Processors]     [Linux NFS]     [Linux NILFS]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]


  Powered by Linux