Date: Fri, 7 Apr 2006 10:36:32 -0400
From: Bill Moran
To: hal
Cc: freebsd-questions@FreeBSD.ORG
Subject: Re: Choosing which interface to use

hal wrote:
> I am setting up a VPN client on a 6.0 box of mine.
> As a result of the VPN client (openvpn) running I
> have two interfaces active, xl0 needed by the dhcp
> client and tun0 used by the vpn client.
>
> The question. How do I tell an application perhaps telnet,
> ssh, or ftp to use tun0 and not xl0?

Ideally you would set up appropriate routes when you establish the VPN
tunnel, and the kernel would know the correct direction based on the
destination IP address. Since this isn't the case, I strongly suggest
that you look into cleaning up your IP ranges so it can be. Never allow
half-baked routing to exist; it just causes more and more headaches the
longer you let it go.

However, many programs have an option to control where the source port
originates from. If the application you want to use supports this, you
can specify the IP of your end of the VPN tunnel and it should force
the traffic to go through the tunnel. ssh, for example, uses -b to set
the originating IP.

I'll reiterate, however, that the _best_ way is to properly organize
your routing so it happens automagically.

-- 
Bill Moran
Potential Technologies
http://www.potentialtech.com
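
The destination-based route selection the reply describes, as an added example that is not part of the original message: a small model of longest-prefix matching plus a check for overlapping ranges that would leave VPN-bound traffic on the wrong interface. The interface names xl0 and tun0 come from the post; every address and prefix is constructed for illustration.

```python
import ipaddress

# Constructed routing table (assumed addresses); interface names from the post.
CLEAN_TABLE = [
    ("0.0.0.0/0", "xl0"),        # default route learned via DHCP
    ("192.168.1.0/24", "xl0"),   # local LAN
    ("10.8.0.0/24", "tun0"),     # network reachable through the VPN
]

# Constructed: the VPN's remote range collides with the local LAN range.
OVERLAPPING_TABLE = [
    ("0.0.0.0/0", "xl0"),
    ("192.168.1.0/24", "xl0"),
    ("192.168.0.0/16", "tun0"),
]


def parse(table):
    """Turn (prefix, interface) strings into (ip_network, interface) pairs."""
    return [(ipaddress.ip_network(prefix), ifname) for prefix, ifname in table]


def select_interface(table, destination):
    """Longest-prefix match: the most specific route containing dst wins."""
    dst = ipaddress.ip_address(destination)
    matches = [(net, ifname) for net, ifname in parse(table) if dst in net]
    if not matches:
        return None
    return max(matches, key=lambda m: m[0].prefixlen)[1]


def overlapping_ranges(table):
    """Non-default routes on different interfaces whose ranges overlap."""
    routes = [(net, ifname) for net, ifname in parse(table) if net.prefixlen > 0]
    found = []
    for idx, (net_a, if_a) in enumerate(routes):
        for net_b, if_b in routes[idx + 1:]:
            if if_a != if_b and net_a.overlaps(net_b):
                found.append((str(net_a), if_a, str(net_b), if_b))
    return found
```

With the overlapping table, a host at 192.168.1.20 on the far side of the VPN is unreachable through tun0 because the more specific local /24 wins, which is the kind of range cleanup the reply recommends.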