How to do “Split tunneling” with OpenVPN community edition

Adrian Angel Sanz Melchor
2 min readJul 13, 2022

--

So I’ve been wondering how I could add split tunneling on our VPN, since I’m tired of accepting cookies in German every time I do a google search… I found out that is pretty simple. You only need to add lines to the ovpn profile.

Photo by Thomas Jensen on Unsplash

Straight to the point

You should add the next lines on your VPN profile

Routes are fairly simple, and you can review them (at least on Linux). After this, import the file and make sure you check the “Use this connection only for resources on it’s network”

Testing

The IPs added on the route are from “icanhazip.com” which will give you your current Public IP. We will make two curl requests. The first on to “icanhazip.com” which should give you your VPN address, the second one to “checkip.amazonaws.com” which is another IP resolver, and this one should give you your real IP.

As simple as that, you have configured split tunneling with OpenVPN.

Final thoughts

For managing a lot of routes, adding them manually can be a tedious process, so maybe a script on it to add them on multiple profiles at once, or update those profiles accordingly could be interesting.

Also, remember that you need a client that allows split tunneling!

And finally, remember that you can use whole CIDR ranges, and that can mess up your local network if you configure it wrong!

--

--

Adrian Angel Sanz Melchor

Just a spanish DevOps who likes sharing useful knowledge, working proudly @ Cipher