How to set up routing tables on OS X to redirect VPN traffic?
I am trying to set up the routing table on my OS X machine so that regular internet traffic doesn't go through the VPN and only specific destinations are routed via the VPN.
When I connect to the VPN it creates a new 'default' route for the 'jnc0' interface which redirects all the traffic to the VPN.
netstat -nr
Routing tables

Internet:
Destination        Gateway            Flags        Refs      Use   Netif Expire
default            10.1.1.1           UGSc           36       65    jnc0
default            192.168.0.1        UGScI          20        0     en1
Is it possible to set a priority so that all traffic goes via the default 192.168.0.1 (en1) route instead of the default 10.1.1.1 (jnc0) one?
I have a script for Ubuntu which creates a routing table but I am not sure how to adjust it for OS X.
Here is the script:
# Create a dedicated routing table and a policy rule that consults it
# (ROUTE_TABLE_NAME, ROUTER_IP, LOCAL_IFACE, VPN_IP and VPN_IFACE are set elsewhere)
SET_PRIORITY=$(sudo ip rule | grep -c "$ROUTE_TABLE_NAME")
if [ "$SET_PRIORITY" -eq 0 ]; then
    sudo ip rule add from all lookup "$ROUTE_TABLE_NAME" prio 1000
fi
sudo ip route flush table "$ROUTE_TABLE_NAME"
# LAN router is the preferred default (metric 0), the VPN is the fallback (metric 1)
sudo ip route add default via "$ROUTER_IP" dev "$LOCAL_IFACE" metric 0 table "$ROUTE_TABLE_NAME"
sudo ip route add default via "$VPN_IP" dev "$VPN_IFACE" metric 1 table "$ROUTE_TABLE_NAME"
# only this network is forced through the VPN
sudo ip route add 172.0.0.1/16 via "$VPN_IP" dev "$VPN_IFACE" table "$ROUTE_TABLE_NAME"
When I try to execute:
sudo ip rule add from all lookup $ROUTE_TABLE_NAME prio 1000
I get: sudo: ip: command not found.
Also when I try to execute:
sudo rule add from all lookup $ROUTE_TABLE_NAME prio 1000
it doesn't work either, with the error: sudo: rule: command not found.
Here is the code:
sudo ip route flush table $ROUTE_TABLE_NAME
sudo: ip: command not found
sudo route add default via $ROUTER_IP dev $LOCAL_IFACE metric 0 table $ROUTE_TABLE_NAME
route: bad address: via
sudo route add 172.0.0.1/16 via $VPN_IP dev $VPN_IFACE table $ROUTE_TABLE_NAME
route: bad address: via
I would appreciate any help and guidance.
Solution 1:
If your VPN client sets a default route when it connects you'll have to delete that route after connecting. Then the static routes that you've configured should take effect. To edit the routing table in macOS you should use the route command with sudo. The synopsis is:
route [-dnqtv] command [[modifiers] args]
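As an added example (not code from the question or the answer), here is a macOS shell script that does what the Ubuntu snippet attempts, using route(8): it removes the default route the VPN client installed, re-installs the LAN default and sends only the VPN network through jnc0. The interface, gateway and network values are the ones from the question (172.0.0.1/16 written as its network address 172.0.0.0/16); the function names and the DRY_RUN convention are my own assumptions.

```shell
#!/bin/sh
# Split-tunnel helper for macOS (example; values assumed from the question's netstat output).
VPN_IF="${VPN_IF:-jnc0}"
VPN_GW="${VPN_GW:-10.1.1.1}"
LAN_GW="${LAN_GW:-192.168.0.1}"
VPN_NETS="${VPN_NETS:-172.0.0.0/16}"   # space-separated networks that must use the VPN
DRY_RUN="${DRY_RUN:-1}"                # 1 = only print the plan, 0 = run it with sudo

# Build the list of route(8) commands. Printing the plan first lets you review
# what will change in the routing table before anything is executed.
route_plan() {
    # 1. remove the unscoped default that the VPN client added (gateway selects it)
    printf 'route -n delete default %s\n' "$VPN_GW"
    # 2. re-install a LAN default: the en1 default shown by netstat carries the
    #    I (interface-scoped) flag, which unbound sockets do not use
    printf 'route -n add default %s\n' "$LAN_GW"
    # 3. pin only the chosen destinations to the VPN gateway
    for net in $VPN_NETS; do
        printf 'route -n add -net %s %s\n' "$net" "$VPN_GW"
    done
}

# Execute (or merely echo) each planned command; a failure such as
# "File exists" on an already-present route is reported but does not stop the rest.
apply_plan() {
    route_plan | while IFS= read -r cmd; do
        if [ "$DRY_RUN" = "1" ]; then
            echo "[dry-run] sudo $cmd"
        else
            # shellcheck disable=SC2086  # word splitting of $cmd is intended
            sudo $cmd || echo "failed: $cmd" >&2
        fi
    done
}

# Verification: print the gateway of every non-scoped IPv4 default route;
# after a successful run this should be only the LAN gateway.
check_default() {
    netstat -nr -f inet | awk '$1 == "default" && $3 !~ /I/ { print $2 }'
}

apply_plan
```

Run it once with the default DRY_RUN=1 to see the plan, then with DRY_RUN=0 to apply it, and call check_default afterwards to confirm that 192.168.0.1 is the only remaining default.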