this post was submitted on 15 Nov 2023
2 points (100.0% liked)

ProtonVPN

257 readers
1 users here now

founded 3 years ago
MODERATORS
[email protected]
2
Split Tunneling on Linux (lemmy.ca)
submitted 1 year ago by [email protected] to c/[email protected]
5 comments fedilink hide all child comments
 

I'm trying to use ProtonVPN to set up split tunneling so that my tun0 is the only network device that is protected by ProtonVPN. I need this because I have file & web servers running on this Linux box (Ubuntu).

With previous VPNs I've used, I would use OpenVPN and add to the openvpn config and this work the way I intended:

route-nopull
route 10.0.0.0 255.0.0.0

With other VPNs I'd just run

curl --interface tun0 ip.me

And that would return a VPN ip address.

For some reason, ProtonVPN seems to be blocking me from using the same workflow. Is there a working guide for ProtonVPN to do what I'm trying to do?

you are viewing a single comment's thread
view the rest of the comments
[–] LordOfTheChia 1 points 1 year ago* (last edited 1 year ago) (1 children)

I'm actually still looking for a similar solution myself.

In my case, I have some applications I want to connect to the VPN and the rest to use the non-tunneled connection.

I've found a docker container for my VPN but the apps I've only seen flatpack versions. In theory, I should be able to assign to the flatpack apps the same namespace as the VPN container.

Also ran into this potential solution:

https://github.com/slingamn/namespaced-openvpn

And

https://www.digitalocean.com/community/tutorials/how-to-remotely-access-gui-applications-using-docker-and-caddy-on-ubuntu-18-04

Edit: Found another discussion that may be relevant:

https://airvpn.org/forums/topic/55876-split-tunnel/

One solution there involves dividing the VPN from non-VPN apps by the user used to launch the application.

[–] [email protected] 2 points 1 year ago

Check out my other comment on this thread:

https://lemmy.ca/comment/4894496

If you take a look at gluetun, it might be what you’re looking for. It worked exactly the way I needed it. I just wrote a docker compose for it and the service I needed to be behind VPN, and everything worked out :)