NetworkManager with VPN for internet, not local LAN

Howdy all,

How can I convince NetworkManager that a specific VPN is to be used only
for traffic outside the local network, whatever that local network
happens to be?

I have an external VPN service that I use to avoid surveillance and
censorship, both within organisations (like an employer or a café) and
within my home country that mandates our ISPs spy on their behalf.

So when I'm connecting to the various networks my notebook computer
finds itself in, I want to connect to that VPN and have all internet
traffic go through that VPN.

Simultaneously, any addresses on the local LAN should *not* be routed
through that VPN, because those local addresses are not routed outside
the local network.

What do I need to do in the NetworkManager VPN configuration, to ensure
that when I've enabled that VPN it will apply to internet addresses but
not local non-routable LAN addresses?

Bear in mind that those LAN addresses can change dynamically as I move
the computer to a different network, yet the VPN configuration should
remain the same.
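
The requirement above, as an added example that is not part of the original post: a small model of Linux route selection (longest matching prefix, then lowest metric) that checks whether on-link LAN prefixes stay off the VPN device, whichever network the machine is on. The interface names (wlan0, tun0), metrics, and all addresses and route tables are constructed for illustration.

```python
import ipaddress
from collections import namedtuple

# One routing-table entry: destination prefix, output device, metric.
Route = namedtuple("Route", "dst dev metric")

def net(route):
    return ipaddress.ip_network(route.dst)

def pick_route(routes, dest):
    """Select a route the way Linux does: longest prefix first, then lowest metric."""
    ip = ipaddress.ip_address(dest)
    matches = [r for r in routes if ip in net(r)]
    if not matches:
        return None
    return min(matches, key=lambda r: (-net(r).prefixlen, r.metric))

def lan_leaks(routes, lan_dev, vpn_dev):
    """Return (lan_prefix, vpn_prefix) pairs where a VPN route would capture
    traffic for part or all of an on-link LAN prefix."""
    leaks = []
    for lan in routes:
        if lan.dev != lan_dev or net(lan).prefixlen == 0:
            continue  # only on-link LAN prefixes, not the LAN default route
        for vpn in routes:
            if vpn.dev != vpn_dev or not net(vpn).overlaps(net(lan)):
                continue
            # The VPN route wins if it is more specific, or equally
            # specific with a lower metric.
            if (net(vpn).prefixlen, -vpn.metric) > (net(lan).prefixlen, -lan.metric):
                leaks.append((lan.dst, vpn.dst))
    return leaks

# Constructed route tables: same VPN default route, different LANs.
VPN_DEFAULT = Route("0.0.0.0/0", "tun0", 50)
HOME = [Route("192.168.1.0/24", "wlan0", 600),
        Route("0.0.0.0/0", "wlan0", 600), VPN_DEFAULT]
CAFE = [Route("10.0.0.0/16", "wlan0", 600),
        Route("0.0.0.0/0", "wlan0", 600), VPN_DEFAULT]
# Failure mode: the VPN also installs a route that overlaps the current LAN.
CAFE_CLASH = CAFE + [Route("10.0.0.0/24", "tun0", 50)]

if __name__ == "__main__":
    for name, table in (("home", HOME), ("cafe", CAFE), ("cafe+clash", CAFE_CLASH)):
        internet_dev = pick_route(table, "203.0.113.7").dev
        print(name, "internet via", internet_dev,
              "leaks:", lan_leaks(table, "wlan0", "tun0"))
```

On a live system the same check can be made per destination with `ip route get <address>`, comparing the reported device against the VPN interface.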

