PDA

View Full Version : Can I choose which applications to use VPN connection?




aslakege
Jan 29, 2011, 06:02 AM
Hi,

I have a VPN connection from Strong VPN set up on a Mac Mini.

I would like to specify that Boxee uses this connection, but no other traffic from or to my computer should use it.

Is this possible?

Sincerely,
Aslak Ege



belvdr
Jan 29, 2011, 09:57 PM
No, because VPNs operate at a lower level in the OSI stack (http://en.wikipedia.org/wiki/OSI_model). VPNs run between layer 3 and layer 4, well below layer 7.

aslakege
Jan 30, 2011, 04:29 AM
Thanks for responding so quickly, belvdr.

I am (vaguely) familiar with the OSI stack, but is there no way to differentiate on level 3/4 then, e.g. IP addresses and routes?

Put differently, what is the actual impact of unchecking the "Send all traffic over VPN connection"? With reference to for instance

http://blog.liip.ch/archive/2006/01/07/changing-default-routes-on-os-x-on-vpn.html

it seems that if the VPN service is below the Ethernet service in the ordered list in Network, the default route is not through the VPN connection. Does this not mean that I should be able to add a new route, include the IP ranges which Boxee, Hulu and Vudu access, and then have de facto differentiation between applications (although it actually happens on level 3/4)?

Looking forward to your response. I am definitely on thin ice here.

nemanjaj
Jan 30, 2011, 08:08 AM
If you specify the addresses/networks you want to route - that can work. Of course, all applications will go through VPN for those IP's.
You can't specify applications which you want to go through VPN.

aslakege
Jan 30, 2011, 09:28 AM
..and that is exactly what I did.

1. Move Ethernet on top in the ordered list
2. Uncheck the "Send all.."
3. Create an /etc/ppp/ip-up file
4. Add a route for the IP range used by Hulu
5. Save the file and make it executable
6. Pop some popcorn and enjoy the shows. :-)

Can't really see situation where traffic to these sites should not go via VPN, so the solution is fine for me.

The challenge now is to identify all IP ranges used by Netflix, but that should be doable.

Thanks for the help.

daredewil
Jun 20, 2011, 01:49 PM
Hi,
Mind to share the hulu address list?

I'm trying to gather hulu and vudu lists.