Exception list for VPN?

From what I've read I think this is either not possible or complex. I'm running on a Linux system and I access our work systems on Amazon Web Services. This is using ssh. Part of the security setting on AWS is that it only allows ssh access from known IP addresses. Is there a way to allow ssh to bypass the VPN and go direct?

Thanks,
jjd

Comments

  • If you know the IP you're connecting to in advance, you can actually add single-IP direct routes to AWS and have it bypass the VPN. Should be as easy as this:
    sudo ip route add 1.2.3.4/32 via $YOUR_ROUTER dev $YOUR_NIC

    To undo, swap "add" for "delete". If you need to find your router's IP or your interface name, this should show you both (en* or eth* is ethernet, wl* or wlan* is WiFi, tun* or tap* is VPN):
    ip addr show
    ip route show

    You can use nslookup or ping to translate a name to a set of IPs. You can also add larger AWS ranges by adjusting the /32 to a bigger subnet, but keep in mind some websites are hosted on AWS as well, so make sure you only add IPs you trust or don't care about being behind the VPN.
  • Worked great, thanks very much.

    jjd
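
Added example, not part of the thread: a shell helper for the per-host route bypass described in the first comment. It prints the "ip route add" lines for a hostname's current IPv4 addresses via the non-VPN default gateway instead of running them, so each /32 can be reviewed before it leaves the VPN. The function names, the use of getent for the lookup, and the wg*/ppp* interface prefixes are assumptions not taken from the thread.

```shell
#!/bin/sh
# Added example: print (not run) /32 routes that send one host around the VPN.

# Read `ip -4 route show` output on stdin and print "GATEWAY DEV" for the first
# default route that is not on a tunnel interface. Fails if there is none.
# tun*/tap* come from the thread; wg*/ppp* are an added assumption.
physical_default() {
    awk '$1 == "default" && $2 == "via" {
             dev = ""
             for (i = 4; i < NF; i++) if ($i == "dev") dev = $(i + 1)
             if (dev != "" && dev !~ /^(tun|tap|wg|ppp)/) {
                 print $3, dev; found = 1; exit
             }
         }
         END { exit !found }'
}

# Succeed only for a dotted-quad IPv4 address with every octet in 0..255.
is_ipv4() {
    printf '%s\n' "$1" | awk -F. 'NF != 4 { exit 1 }
        { for (i = 1; i <= 4; i++) if ($i !~ /^[0-9]+$/ || $i + 0 > 255) exit 1 }'
}

# bypass_routes GATEWAY DEV ADDR...: one "ip route add" line per valid address.
bypass_routes() {
    gw=$1 dev=$2; shift 2
    for ip in "$@"; do
        if is_ipv4 "$ip"; then
            printf 'ip route add %s/32 via %s dev %s\n' "$ip" "$gw" "$dev"
        else
            printf 'skipping %s: not an IPv4 address\n' "$ip" >&2
        fi
    done
}

# Usage: sh script.sh HOSTNAME   (review the output, then run it with sudo)
main() {
    gwdev=$(ip -4 route show | physical_default) || {
        echo "no default route on a non-VPN interface" >&2; return 1; }
    # getent stands in for the nslookup/ping lookup mentioned in the thread.
    ips=$(getent ahostsv4 "$1" | awk '{ print $1 }' | sort -u)
    [ -n "$ips" ] || { echo "could not resolve $1" >&2; return 1; }
    bypass_routes $gwdev $ips   # unquoted on purpose: split into words
}

[ "$#" -eq 0 ] || main "$@"
```

If the VPN client has replaced the default route rather than adding its own beside it, physical_default fails and the gateway has to be supplied by hand. Addresses behind a hostname can change, so regenerate the routes rather than reusing old output.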