Hi Daniel,

Disclaimer: I'm a network engineer but with weak Linux knowledge. I'm
trying to change that though.

It took me a moment to realise but your script is meant to send traffic
over the VPN based on destination IP addresses. I want to send traffic
over the VPN based on source addresses. I think PBR is, as far as I
know, the only way to do this apart from routed VPN-protocols.

Something else that is "missing" in the default vpnc-script is the
ability to set a metric per tunnel interface. But I'm looking to adapt
the script to allow this.

Or did I give you some ideas for feature requests :-)

br,
Jeroen

On 22 June 2018 at 17:19, Daniel Lenski <dlenski at gmail.com> wrote:
> On Thu, Jun 21, 2018 at 9:10 PM, Jeroen Balduyck
> <jeroen.balduyck at gmail.com> wrote:
>> Hi
>>
>> Can anyone tell me how to run multiple concurrent openconnect
>> instances? I want to establish a client connection to 3 different VPNs
>> at the same time and use policy based routing to a specific VPN
>> instance.
>>
>> Regards,
>> Jeroen
>
> Apologies for self-promotion, but I wrote vpn-slice for this exact
> purpose (https://github.com/dlenski/vpn-slice). It's a replacement for
> the usual vpnc-script used by openconnect, making it easy to set up
> split-tunnel routing (e.g. routing only specific IP addresses and/or
> subnets to a VPN connection):
>
>     sudo openconnect gateway.bigcorp.com -u user1234 \
>         -s 'vpn-slice 192.168.1.0/24 hostname1 alias2=alias2.bigcorp.com=192.168.1.43'
>
> I use it all the time to connect to 2-6 VPNs simultaneously. If you
> don't have IP address/subnet clashes in the multiple VPNs that you
> want to connect to, it would be a lot easier than setting up
> policy-based routing.
>
> Dan
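
The source-based routing with a per-tunnel metric discussed in this thread, as an added example that is not part of the original messages and not code from vpn-slice or vpnc-script. The device names, table ids, metrics, subnets and the 1000+table rule priority are constructed assumptions; the function only prints iproute2 commands and rejects inputs that could carry shell syntax into a root-run hook.

```shell
#!/bin/sh
# Added example (not from vpn-slice or vpnc-script): print the iproute2
# commands that steer traffic into a tunnel by SOURCE address.
# Device names, table ids, metrics and subnets are constructed sample values.

# Character allow-list: digits, dots and at most one slash, dotted-quad shape,
# so nothing read from a config file can smuggle shell syntax into root commands.
valid_src() {
    case $1 in
        ''|*[!0-9./]*|*/*/*) return 1 ;;
        *.*.*.*) return 0 ;;
        *) return 1 ;;
    esac
}

# pbr_commands ACTION DEV TABLE METRIC SRC...
# ACTION is connect or disconnect; each VPN gets its own routing table.
pbr_commands() {
    [ "$#" -ge 5 ] || { echo "usage: pbr_commands ACTION DEV TABLE METRIC SRC..." >&2; return 1; }
    action=$1; dev=$2; table=$3; metric=$4
    shift 4
    case $dev in ''|*[!A-Za-z0-9_.-]*) echo "bad device: $dev" >&2; return 1 ;; esac
    for n in "$table" "$metric"; do
        case $n in ''|*[!0-9]*) echo "not a number: $n" >&2; return 1 ;; esac
    done
    for src in "$@"; do
        valid_src "$src" || { echo "bad source: $src" >&2; return 1; }
    done
    case $action in
        connect)
            # Default route lives in this VPN's table only; the main table is untouched.
            echo "ip route add default dev $dev table $table metric $metric"
            for src in "$@"; do
                echo "ip rule add from $src lookup $table priority $((1000 + table))"
            done ;;
        disconnect)
            for src in "$@"; do
                echo "ip rule del from $src lookup $table priority $((1000 + table))"
            done
            echo "ip route flush table $table" ;;
        *) echo "unknown action: $action" >&2; return 1 ;;
    esac
}

# Constructed demo: three concurrent tunnels, each serving its own source range.
pbr_commands connect tun0 101 10 192.168.10.0/24
pbr_commands connect tun1 102 20 192.168.20.0/24
pbr_commands connect tun2 103 30 192.168.30.0/24 192.168.31.7
```

Review the printed commands before piping them to `sh` as root; because the lookup is keyed on source address, overlapping destination subnets behind different VPNs do not collide in the main table.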