Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the 'Avoid creating PPTP default routes' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
Avoid creating PPTP default routes
Authored by: jalbrecht2000 on Oct 05, '04 12:37:39PM

I agree with NOM, that is the only correct way to acheive a "correct" split route vpn. However there is a problem that pops up when you have more than one VPN you connect to.

I have a VPN connection that I use to connect to work from home, and vice-versa. Both VPN connections assign me different IP addresses when I connect. I didn' t want to have to manually update ip-up and ip-down everytime I chose to connect to one of the VPN's, so after a little digging here is what I came up with:

ip-up script:
-----CUT HERE-----
#!/bin/sh
#
# This script is run by the pppd after the link is established.
# It should be used to add routes, set IP address
# etc.
#
# This script is called with the following arguments:
# Arg Name Example
# $1 Interface name ppp0
# $2 The tty ttyS1
# $3 The link speed 38400
# $4 Local IP number 12.34.56.78
# $5 Peer IP number 12.34.56.99

case "$5" in
192.168.0.202) /sbin/route -n add -net 192.168.0.0/24 192.168.0.202 >> /var/log/ppp.log 2>&1 ;;
204.118.193.6) /sbin/route -n add -net 10.0.0.0/24 204.118.193.6 >> /varl/log/ppp.log 2>&1 ;;
esac
----CUT HERE----

ip-down script:
----CUT HERE----
#! /bin/sh
#
# This script is run by the pppd after the link is disconnected.
# It should be used to delete routes, remove IP address
# etc.
#
# This script is called with the following arguments:
# Arg Name Example
# $1 Interface name ppp0
# $2 The tty ttyS1
# $3 The link speed 38400
# $4 Local IP number 12.34.56.78
# $5 Peer IP number 12.34.56.99

case "$5" in
192.168.###.###) /sbin/route -n delete -net 192.168.0.0/24 192.168.###.### >> /var/log/ppp.log 2>&1 ;;
204.118.###.###) /sbin/route -n delete -net 10.0.0.0/24 204.118.###.### >> /varl/log/ppp.log 2>&1 ;;
esac
----CUT HERE----

What these scripts do is use a couple of variables to determine the remote IP address you have connected to. Depending on what IP address it finds it will modify the routing table accordingly. Of course you will want to subsitute my numbers with your own IP addresses. I've been using this script for quite awhile now, it works beautifully. Hope this is useful for someone else!

---
__________
Justin



[ Reply to This | # ]