Hi Jason, On Sun, Sep 25, 2011 at 9:07 AM, Jason Holtzapple wrote: > On 09/23/2011 09:17 AM, Kevin Fries wrote: > > * When I am not in the office, and I try to go to a location (by name > > or IP) that is within a specified range, I want the VPN to activate, and > > route all traffic only for the office over it, while allowing all other > > traffic to go out via the normal, primary, connection. > I am assuming that you are using Ubuntu: http://geekyprojects.com/ubuntu/ubuntu-vpn-connection/ and using pptp? http://www.youtube.com/watch?v=t3v7xoLi254 Or are you using the VPN on Demand Browser Java/ActiveX plugin: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk62410 Perhaps this an OS X On Demand VPN dmg? > > You will want to turn on the "Use this connection only for resources not > on this network" option in the Routes... dialog box of your vpn config. > > As far as the automatic activation of VPN, I am not sure how to do that, > it might be possible using some custom scripts in /etc/network/if*/*. > I've used an if-up.d script to disable the wireless radio and interface > if a wired connection is detected, for instance. > I use OpenVPN Access Server which provides a web based portal to configure a client that will push internal networks or allow you to configure each. It allows for VPN server to server tunnels also. The OpenVPNas OpenSource version comes with a license for 2 clients, and allows you to reuse these different clients for simultaneous connections. If you configure it to push a network that does not exist (in that connection but exists in another) it will simply continue doing what it can. Here's a demo showing how to bypass firewall and traffic shaping: https://www.zazeen.com/OpenVPN/index.html OpenVPNAS server packages install with a simple dpkg or rpm install and two or three configuration changes: http://openvpn.net/index.php/access-server/docs/admin-guides/123-how-to-install-openvpn-as-software.html OpenVPN clients are available for Windows, Mac, and Linux: http://openvpn.net/index.php?option=com_content&id=357 You download the config file and certificate as a package and place into your configuration directory after authenticating to the OpenVPN Access Server web portal (automatically created for you) which can run on an alternate port as you specify during setup. If you are running a Endian Community Edition Firewall (that installs with WiFi, Squid proxy, Mail Scanner, and Web Proxy, with SNORT and iptables-ebtables all integrated to an easy to use web based management portal) or a ClearOS firewall , OpenVPN comes all ready to add a tunnel between your other servers. Both EFW Endian and ClearOS install as an ISO and are very easy to configure, even allowing command line import of IPTABLES, using dnsmasq for additional security and speed. -- (503) 754-4452 AT&T (602) 791-8002 Android (623) 239-3392 Skype (623) 688-3392 Google Voice ** HomeSmartArizona.com