VPN based on destination IP for a standalone device ?

Discussion in 'Home Networking' started by YahooGroupsKH, Jan 18, 2008.

  1. I have a situation where a standalone device (not a PC) is accessing
    several different destination servers. But when it accesses one
    particular range of IP's I want to route that traffic (only) via VPN.
    All other traffic I want to remain through my standard broadband
    routing. The only configurable aspect of the device though is the
    default gateway. No software can be installed on it.

    Ideally I would like to use the VPN feature built into my Draytek
    router and find a US based VPN service provider who can accept this.
    However I would be prepared to purchase some other low cost hardware
    solution or indeed perhaps go via a PC using internet connection
    sharing with VPN software installed. I would prefer the 'device' to
    remain on the same subnet as all my other intranet though.

    Is there an easy way to force certain destination address ranges to go
    via VPN and all other traffic to remain as is (static routes ?) ? If
    so can I do this with a Draytek VPN capable router (or two of them) ?

    Is there a way to have an intermediate PC act as the default gateway
    for the 'device' , applying VPN and then forwarding to my standard
    internet router with the device and all PC's remaining on the same
    subnet (ie without ICS) ?

    YahooGroupsKH, Jan 18, 2008
  2. YahooGroupsKH

    Geoff Lane Guest

    The Draytek is the VPN server so it waiting for incoming connections.

    I'm not sure how you can route certain IPs outwards, I would have
    thought that would be configured in the device.

    Geoff Lane
    Geoff Lane, Jan 18, 2008
  3. Can you not put routes into the draytech?

    I am assuming that it is out gate way.

    Don C
    Donald Campbell, Jan 18, 2008
  4. YahooGroupsKH

    stephen Guest

    the client you use usually depends on the target VPN server - and it sounds
    like you want the client on your end.

    So - work out where the connection needs to go 1st, and what is at the other
    end of the link.
    you should be able to use a VPN client device (eg Cisco VPN 3002), or some
    routers that can work as a VPN client (not as a server).

    If all else fails a "real" router such a small Cisco with VPN support can do

    selective forwarding of some traffic to the VPN, and the rest elsewhere is
    known as "split tunneling".
    Once you have a client, then as long as the traffic goes to it (ie make it
    the default gateway) then it can choose where to send each packet based on
    Probably... :)
    stephen, Jan 20, 2008
  5. YahooGroupsKH

    Jon Guest

    It also has a "dial-out" function for "site to site" VPN connections.
    Jon, Jan 20, 2008
  6. All sorted now thanks - the Vigor does have the ability to only route
    based on destination IP , and I have the PPTP VPN working. Chris
    YahooGroupsKH, Jan 20, 2008
