
[Mac] Limiting VPN Connection Destinations


When connected to a VPN, send only the traffic destined for the networks behind the VPN through the tunnel, and route everything else (non-VPN destination networks) directly through your local network instead of through the VPN tunnel. This keeps general network traffic responsive, since only the VPN's own networks pay the tunnel's overhead.

※If you're working remotely, check with your IT department first. Some organizations require all traffic to route through internal networks.

※Be aware that many servers reached over the VPN are configured to allow access only from the VPN tunnel's address range, so traffic to them that bypasses the tunnel will be rejected.

※If accessing the VPN destination by domain name, watch out for DNS settings. With split tunneling, name lookups may go to your local resolver rather than the VPN's, so depending on the VPN's DNS configuration you may need to edit the hosts file.

macOS Monterey
Version 12.3
VPN Connection Method: L2TP/IPsec (PPP tunneling)

■Open Network Settings and access VPN connection details
Uncheck “Send all traffic over VPN connection”
(settings screenshot)

■Create a routing addition script
The /etc/ppp/ip-up script is executed by pppd, with root privileges, when the connection is established; the interface name (here ppp0) is passed as its first argument ($1).
Add the following to this file to "add IP routes when VPN connects".
In this example, "172.31.1.0/24" is the route you want to send through the VPN.

#Confirm ppp0 exists after connecting the VPN
$ ifconfig

#Disconnect the VPN before editing
#Create or edit the file with vi (it may not exist yet)
$ sudo vi /etc/ppp/ip-up

#Contents of /etc/ppp/ip-up (the shebang must be the first line of the file)
#!/bin/sh

if [ "$1" = "ppp0" ]; then
    /sbin/route add -net 172.31.1.0/24 -interface ppp0
fi

#Save the file in vi
#Give the file execute permission
#pppd runs this script as root, so keep it owned by root and writable only by root
$ sudo chmod +x /etc/ppp/ip-up

#Check the routing table after reconnecting:
#172.31.1.0/24 (shown as 172.31.1/24) should be listed via ppp0, and "default" via your local interface (e.g. en0)
$ netstat -rn

Notes
When routing multiple paths, you can add multiple entries:
/sbin/route add -net 172.31.1.0/22 -interface ppp0
/sbin/route add -net 172.31.4.0/22 -interface ppp0
/sbin/route add -net 172.31.8.0/22 -interface ppp0
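The following is an added example, not code from the original post: a parameterized version of the ip-up script above that installs a list of routes (covering both the single-route case and the multiple-route case in the Notes) only after validating each entry as a dotted-quad/prefix, plus a check that parses netstat -rn output to confirm the split tunnel actually took effect. It assumes pppd passes the interface name as $1 (as the post's script does) and that macOS netstat -rn drops trailing zero octets when listing network routes (172.31.1.0/24 appears as 172.31.1/24). The routing table embedded at the bottom is constructed sample output, not from the post's machine.

```shell
#!/bin/sh
# Added example: validated multi-route ip-up plus a split-tunnel check.
# Assumption: $1 is the ppp interface name when pppd runs /etc/ppp/ip-up.

# Networks that must go through the VPN tunnel (edit to taste).
VPN_NETS="172.31.1.0/24 172.31.4.0/22"

# is_cidr NET: accept only a.b.c.d/0-32 so a typo or stray character never
# reaches route(8), which runs as root here.
is_cidr() {
    case "$1" in
        *[!0-9./]*|*..*|*//*|/*|*/|.*|*./*|"") return 1 ;;
    esac
    net=${1%/*}; pfx=${1#*/}
    [ "$net" != "$1" ] || return 1                 # no slash at all
    [ "$pfx" -ge 0 ] && [ "$pfx" -le 32 ] || return 1
    set -- $(printf '%s' "$net" | tr '.' ' ')
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        [ "$o" -le 255 ] || return 1
    done
    return 0
}

# route_cmd NET IFACE: the exact command that would be run, as text, so it
# can be reviewed or dry-run without root.
route_cmd() {
    printf '/sbin/route add -net %s -interface %s\n' "$1" "$2"
}

# install_routes IFACE [dry]: what the real ip-up does for the VPN interface.
# With any second argument it only prints the commands instead of running them.
install_routes() {
    iface=$1; dry=$2
    for n in $VPN_NETS; do
        if ! is_cidr "$n"; then
            echo "ip-up: skipping malformed route '$n'" >&2
            continue
        fi
        if [ -n "$dry" ]; then
            route_cmd "$n" "$iface"
        else
            /sbin/route add -net "$n" -interface "$iface"
        fi
    done
}

# netstat_abbrev NET: netstat -rn lists 172.31.1.0/24 as 172.31.1/24, so
# normalise the same way before comparing.
netstat_abbrev() {
    net=${1%/*}; pfx=${1#*/}
    while [ "${net%.0}" != "$net" ]; do net=${net%.0}; done
    printf '%s/%s\n' "$net" "$pfx"
}

# route_netif TABLE DEST: print the Netif column (4th field) for DEST.
route_netif() {
    printf '%s\n' "$1" | awk -v d="$2" '$1 == d { print $4; exit }'
}

# split_tunnel_ok TABLE NET PPP: succeeds when NET is routed via PPP and the
# default route is NOT (i.e. "Send all traffic over VPN" is really off).
split_tunnel_ok() {
    table=$1; want=$(netstat_abbrev "$2"); ppp=$3
    [ "$(route_netif "$table" "$want")" = "$ppp" ] || return 1
    [ "$(route_netif "$table" default)" != "$ppp" ] || return 1
    return 0
}

# Constructed sample of `netstat -rn` after a split-tunnel L2TP connection.
SAMPLE_TABLE='Routing tables

Internet:
Destination        Gateway            Flags           Netif Expire
default            192.168.1.1        UGScg             en0
10.0.0.1           10.0.0.2           UH               ppp0
127                127.0.0.1          UCS               lo0
172.31.1/24        link#12            UCS              ppp0
192.168.1          link#6             UCS               en0'

# Stand-alone run: dry-run the route commands, then verify the sample table.
install_routes ppp0 dry
if split_tunnel_ok "$SAMPLE_TABLE" 172.31.1.0/24 ppp0; then
    echo "split tunnel OK: 172.31.1.0/24 via ppp0, default not via ppp0"
else
    echo "split tunnel NOT in effect" >&2
fi
```

To use it as the real hook, drop the sample table and the stand-alone run, and end the file with `[ "$1" = "ppp0" ] && install_routes "$1"`; the dry-run mode lets you eyeball the commands before giving the file to pppd. The check is worth running against your live `netstat -rn` after reconnecting: a default route via ppp0 means the checkbox change did not stick, and a missing entry for the VPN network means ip-up did not run or was not executable.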