Windows – how to pass traffic for port 80 not through openvpn

openvpn routing windows

Is there a way to configure OpenVPN clients to route traffic for HTTP port 80
and HTTPS port 443 directly (i.e. not through the VPN), but through the regular
default gateway the clients have? All other traffic should go through the VPN.

My client is running OpenVPN on Windows and my current configuration looks like this:

client
dev tun
proto tcp
remote my-server-2 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca ../keys/ca.crt
cert ../keys/client1.crt
key ../keys/client1.key
ns-cert-type server
verb 3
route-metric 1
show-net-up
dhcp-renew
dhcp-release
route-delay 0 120
hand-window 180
management localhost 13010
management-hold
management-query-passwords
management-forget-disconnect
management-signal
auth-user-pass

Best Answer

OpenVPN isn't able to filter traffic -- it simply sends the IP packets it is passed over the VPN tunnel. The functionality you want needs to be provided by the operating system. The OS needs to decide whether to route a packet using OpenVPN or using the gateway on the local network. On Linux, one would accomplish this using iptables to mark certain packets, and iproute2 to select different routing tables. As far as I know, this can't be done on Windows, however.
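
The Linux approach the answer describes (iptables marks, iproute2 routing tables), sketched as an added example that is not part of the original answer. The mark 0x50, table number 80, gateway address and interface name are assumed values. The MASQUERADE and rp_filter lines are added because locally generated packets have already been given the VPN source address before the mark re-routes them.

```shell
#!/bin/sh
# Added example (Linux only). MARK and TABLE are hypothetical values.
MARK=0x50   # firewall mark placed on outgoing web traffic
TABLE=80    # separate routing table whose default route is the LAN gateway

# Print the commands that send TCP 80/443 out via the LAN gateway while
# the main table's default route keeps pointing at the VPN.
# $1 = LAN gateway IPv4 address, $2 = LAN interface name
split_tunnel_cmds() {
    gw=$1
    dev=$2
    # The output is meant to be run as root, so refuse any argument that
    # contains characters outside what an address or interface name needs.
    case $gw in
        ''|*[!0-9.]*) echo "bad gateway: $gw" >&2; return 1 ;;
    esac
    case $dev in
        ''|*[!A-Za-z0-9_.-]*) echo "bad interface: $dev" >&2; return 1 ;;
    esac
    cat <<EOF
# 1. Mark locally generated HTTP/HTTPS packets (this triggers a re-route).
iptables -t mangle -A OUTPUT -p tcp -m multiport --dports 80,443 -j MARK --set-mark $MARK
# 2. Marked packets consult table $TABLE instead of the main table.
ip rule add fwmark $MARK table $TABLE priority 1000
# 3. Table $TABLE has one route: default via the LAN gateway.
ip route add default via $gw dev $dev table $TABLE
# 4. Rewrite the source address, which was chosen for the VPN interface.
iptables -t nat -A POSTROUTING -o $dev -m mark --mark $MARK -j MASQUERADE
# 5. Loose reverse-path filtering so replies arriving on $dev are accepted.
sysctl -w net.ipv4.conf.$dev.rp_filter=2
EOF
}
```

Review the output of `split_tunnel_cmds 192.168.1.1 eth0` and then run it as root once the VPN is up. Only TCP 80 and 443 leave outside the tunnel; DNS lookups for those sites still follow the main table through the VPN.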