Route and vpnc

[MrKnisely]

Tony Arnold wrote:

>Kenneth,
>
>Kenneth P. Turvey wrote:
>  
>
>>I use vpnc to connect to the Universities wireless system and to gain
>>access to the Beowulf cluster on campus.  When I use it to connect to the
>>wireless network, I would like all of my IP traffic to be directed through
>>the university's network, but when I use it at home to connect to a single
>>machine on campus, I would like all of my network traffic to be handled
>>normally, except that destined for the university network.  
>>    
>>
>
>What you are lookig for is split horizons support in vpnc. I don't know
>if that is there. It's potentially risky as it can allow traffic from
>other networks through your machine and down the vpn tunnel you've
>created, thus opening a huge security hole in your university defenses.
>
>  
>
>>I have yet to get it to really work well. 
>>
>>In addition to this, I would rather use my ISPs name servers when they are
>>available.  Resolvconf seems to be resetting them without asking any
>>quesitons.  
>>    
>>
>
>Unless you have the split horizons support, you won't be able to reach
>your ISPs name servers once the vpn tunnel has been established. Hence
>the use of your University name servers.
>
>We use the Cisco VPN server at Manchester and I've successfully run the
>Cisco VPN client for Linux. I've not experimented with split horizons
>though.
>
>Regards,
>Tony
>  
>

I believe you are talking about split tunneling.  Split horizons is a 
method of avoiding routing loops:

http://en.wikipedia.org/wiki/Split_Horizon

Split Tunneling is a method of  allowing multiple pipes for data to flow:

http://www.cisco.com/en/US/customer/tech/tk583/tk372/technologies_tech_note09186a00800949c5.shtml#inability

Either way, the changes will need to be made at the VPN terminator to 
which you are connecting.

Check the second link, it's got the configuration examples of how split 
tunneling can be setup.

Mike K.