Route specific traffic to VPN OSX

Veröffentlicht von

Let’s assume you are on the road, you need to connect to services that are only available via your companies IP address or static VPN tunnel. A VPN server is running at your company where you can connect to and by default only the IP subnet that you got assigned via DHCP will be routed through your VPN tunnel.

In my case it is a vpn tunnel using ppp0 as interface and I need to connect to an external service that is only reachable from the company.

Edit or add /etc/ppp/ip-up , this file gets executed once VPN tunnel is active.


# When the ppp link comes up, this script is called with the following
# parameters
#       $1      the interface name used by pppd (e.g. ppp3)
#       $2      the tty device name
#       $3      the tty device speed
#       $4      the local IP address for the interface
#       $5      the remote IP address
#       $6      the parameter specified by the 'ipparam' option to pppd

# VPN_GATEWAY is the remote address of the vpn tunnel
# when ppp executes this script it will pass several values to it
# $5 will hold the remote gateway

# use ppp0 for mac os ssl connections
# or utun0 for first Tunnelblick interface

if [ "${1:-}" = "${VPN_INTERFACE}" ]
   # internal routes
   /sbin/route add -net -interface $VPN_INTERFACE
   /sbin/route add -net -interface $VPN_INTERFACE
   # for testing
   /sbin/route add -net -interface $VPN_INTERFACE

If you want to route based on an url / domain name, I have enhanced this script with dns resolution and support for cdns (round robin domains with multiple IPs).