We are using FortiClient to connect to one of our client's VPN. Unfortunately, FortiClient is routing all the traffic over VPN as default.
We have found a way around it, for Linux. After connecting with VPN we run:
sudo route del default ppp0
sudo route add -net 172.20.0.0 netmask 255.255.0.0 dev ppp0
And now, only the addresses starting with 172.20.x.x are resolved over VPN connection.
Now, I am using FortiClient 5.4 on Mac OS X 10.11.6 and I am trying to remake the above to work on Mac OS X. Basically I have problems even with the first step. I have tried:
sudo route delete -net default -ifp ppp0
But the routing still does not work as expected. Easy to test, because there is no Internet connection behind the VPN - I cannot browse/ping any website :-).
What am I doing wrong? Thanks for help!
I used this question to help me out and it turned out I needed one extra command. Basically the working solution for Mac OS X 10.11.6 goes as follows:
sudo route delete -net default -interface ppp0
sudo route add -net 0.0.0.0 -interface en0
sudo route add -net 172.20.0.0 -netmask 255.255.0.0 -interface ppp0
Which basically means:
ppp0 which was set by FortiClient
en0)
ppp0 (FortiClient) interface.
Linux equivalent, as mentioned in the question, is:
sudo route del default ppp0
sudo route add -net 172.20.0.0 netmask 255.255.0.0 dev ppp0
So you actually skip the step #2.
Not that hard in the end.
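A check for the result of the route commands above, as an added example that is not part of the original question or answer: it reads a routing table and confirms that the default route is off ppp0 while 172.20 still goes through it. The function name and the sample tables are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (hypothetical helper, not from the original post).
# Reads a routing table on stdin, e.g.: netstat -rn | check_split_tunnel ppp0 172.20
check_split_tunnel() {
    # $1 = VPN interface (ppp0 on this page), $2 = leading octets of the VPN subnet
    awk -v vif="$1" -v net="$2" '
        # True when a column after the gateway names the VPN interface
        # (Linux prints the interface last, macOS in the Netif column).
        function on_vpn(   i) {
            for (i = 3; i <= NF; i++) if ($i == vif) return 1
            return 0
        }
        $1 == "default" || $1 == "0.0.0.0" || $1 == "0.0.0.0/0" {
            if (on_vpn()) { print "FAIL: default route still on " vif; bad = 1 }
            else have_default = 1
            next
        }
        # macOS abbreviates 172.20.0.0/16 to "172.20"; Linux prints 172.20.0.0.
        # The empty-string concatenation forces a string comparison, so that
        # "172.200" is not treated as numerically equal to "172.20".
        ($1 "") == (net "") || index($1, net ".") == 1 || index($1, net "/") == 1 {
            if (on_vpn()) have_vpn = 1
        }
        END {
            if (!have_default) { print "FAIL: no default route outside " vif; bad = 1 }
            if (!have_vpn) { print "FAIL: no route for " net " via " vif; bad = 1 }
            if (!bad) print "OK: only " net " is routed through " vif
            exit bad + 0
        }'
}

# Constructed sample tables in macOS netstat layout (not captured from a real host).
# Before the fix: FortiClient has put a default route on ppp0.
SAMPLE_FULL_TUNNEL='default 10.212.134.1 UGSc 12 0 ppp0
default 192.168.1.1 UGScI 3 0 en0
172.20 ppp0 USc 0 0 ppp0'
# After the three macOS commands from the answer.
SAMPLE_SPLIT='default link#4 UCS 40 0 en0
172.20 ppp0 USc 2 0 ppp0
192.168.1 link#4 UCS 1 0 en0'

printf '%s\n' "$SAMPLE_SPLIT" | check_split_tunnel ppp0 172.20
printf '%s\n' "$SAMPLE_FULL_TUNNEL" | check_split_tunnel ppp0 172.20 || true
```

The function exits non-zero on any FAIL line, so it can be run right after connecting to confirm which traffic the VPN actually carries.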