On Mon, Dec 23, 2019 at 6:28 AM Ross Burton <ross@xxxxxxxxxxxxx> wrote: > > Is there some trick to configuring a macOS proxy so that it is used > for VPN connections? Or am I just doing something wrong? This is *not* a direct answer to your question (I don't run macOS myself), and apologies as usual for self-promotion, but might I suggest trying vpn-slice? (https://github.com/dlenski/vpn-slice) I wrote vpn-slice for situations like yours. It's a replacement for the usual vpnc-script used by openconnect, making it easy to set up split-tunnel routing (e.g. routing only specific IP addresses and/or subnets to a VPN connection), so that the VPN doesn't “steal all routes” and so that you don't *have to use a proxy*. You use it like this, specifying individual routes or hosts that you want to go through the VPN tunnel, and leaving everything else alone: sudo openconnect gateway.bigcorp.com -u user1234 \ -s 'vpn-slice 192.168.1.0/24 hostname1 alias2=alias2.bigcorp.com=192.168.1.43' Anyway, many other users of OpenConnect are having success with it, and it now has full macOS support thanks to contributions from macOS users. -Dan _______________________________________________ openconnect-devel mailing list openconnect-devel@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/openconnect-devel
