سازمان با استفاده از عید و من آن را برای دسترسی به منابع داخلی در حالی که در خانه استفاده کنید.
در حال حاضر، من نمی wan’t به مسیر ترافیک گیر داده ها مانند جریان ویدئو و ترافیک های دیگر نیاز به زمان تاخیر کم از طریق VPN.
چگونه می توانم این تا کنار مشتری تنظیم کنم؟ (من هستم در ماشین های لینوکسی)
توجه داشته باشید که VPN گزینه سمت سرور برای فعال کردن “تقسیم و tunelling” است. این راه حل به نظر من نیست. (که چرا VPN نیز به سایر منابع خارجی است که می تواند انجام فقط از سازمان آی پی آدرس دسترسی استفاده می شود غیر فعال است)
What’s wrong with split tunnel vpn? It is *designed* to handle cases like this. If you know the ip ranges you route just those through your tunnel. Otherwise if you have the default route through the vpn everything will go through.
[deleted]
Look into ‘routing tables’ and prepare for a headache.
It is possible, but not very simple to setup. It would be much easier to use the vpn in a virtual machine.
Wouldn’t it just be easier to use your VPN from within a Virtual Machine? As an added bonus you can then easily separate work from personal stuff.
I’m a bot, *bleep*, *bloop*. Someone has linked to this thread from another place on reddit:
– [/r/iptables] [How do I make traffic bypass a VPN?](https://www.reddit.com/r/iptables/comments/7ws5ll/how_do_i_make_traffic_bypass_a_vpn/)
*^(If you follow any of the above links, please respect the rules of reddit and don’t vote in the other threads.) ^([Info](/r/TotesMessenger) ^/ ^[Contact](/message/compose?to=/r/TotesMessenger))*
Pretty sure you can achieve this with namespaces, but I’ve never tried to do that manually.
Wouldn’t it make more sense to do this the other way: only use VPN for the work stuff i.e. specific applications? Here’s a script I use on Ubuntu (uses OpenVPN only for some apps, instead of bypassing it):
https://github.com/slingamn/namespaced-openvpn
edit: I saw your other comment, so you can’t use OpenVPN? Then forget this script.
Hey, sometine ago i wrote a bash script that isolates the vpn traffic within a network namespace. If you’re using / can use openvpn, maybe it could come useful to you too. Just launch openvpn giving it that script as up and down script options, then launch the script from terminal to spawn a shell inside that namespace (check the instructions on github). Then everything you do it’s routed trough the vpn only, so you can use it to launch the browser or do other stuff to access your company files, and do high traffic stuff outside that namespace as usual.
Not tested enough since I was busy with university since then, but it was working for me.
Otherwise you could look at how I isolated the vpn network, it’s pretty well commented, with a bunch of searches on google you could adapt it to your situation.
https://github.com/xnand/vpnjail
You need a site-to-site VPN with split tunneling. Your “home” firewall should split the traffic.
Apparently Sonicwall’s VPN solution is strongswan compatible. https://wiki.strongswan.org/projects/strongswan/wiki/ForwardingAndSplitTunneling
First, is SonicWall SSL-based or IPsec-based? If you don’t know, check to see what ports it uses.
Is using a proxy with a WPAD an option? You can easily direct traffic to those specific sites through an internal proxy and anything else can be told to go direct.
Install a small VirtualBox VM with the network interface in bridging mode. Install a squid proxy inside the VM. Point your browser for high data traffic to this proxy.
I think you could even achieve it with squid inside a docker container, for a more light weight solution, but I have no idea how all the fancy bridging stuff works in docker.