You are not logged in.
- Topics: Active | Unanswered
#1 Today 16:32:57
- Gghost
- Member
- From: Detroit
- Registered: 2026-01-23
- Posts: 2
- Website
Working with two network interfaces
I have my internal wifi interface, intel ax201 and a tp link usb dongle.
ip addr gives me the devices listed as;
wlan0: ax201
wlan1: tp link (where the vpn is applied)
tun0: openvpn
The part that confuses me is that when I connect to the vpn, everything is ran through wlan0:tun0, which is what most people want. Id like to have control over which apps use tun0 and to have the vpn run through wlan1:tplink. It appears that the easiest way to do this would be to have two wifi devices.
I am aware of split tunneling but I haven't been able to make that work.
Any advice would be appreciated, I'm open to new ideas or other methods that I might not be aware of.
Offline
#2 Today 18:17:49
- -thc
- Member
- Registered: 2017-03-15
- Posts: 1,145
Re: Working with two network interfaces
AFAIK there's no option for an OpenVPN client to choose the local endpoint interface. That second interface will most likely be ignored.
"Split tunneling" means you only set up a VPN route for some IP subnets or ranges and the "default gateway" is unchanged. Only packets for those subnets or ranges are tunneled though the VPN but everything else is not. OpenVPN does that via "pull" from the VPN server (if it's a split tunnel setup) or by overriding it locally (if it's a full tunnel setup).
Offline
#3 Today 18:45:13
- Painless
- Member
- Registered: 2006-02-06
- Posts: 235
Re: Working with two network interfaces
Remove the default route from the first interface. OpenVPN client will be forced to use the second interface to access the VPN server.
Offline
#4 Today 19:49:20
- dimich
- Member
- From: Kharkiv, Ukraine
- Registered: 2009-11-03
- Posts: 629
Re: Working with two network interfaces
Id like to have control over which apps use tun0 and to have the vpn run through wlan1:tplink.
It depends how you prefer to define and run that apps. One method would be to create separate network namespace and run apps in that namespace. Another method would be to mark outgoing traffic from specific apps and use alternative routing table for it.
Online
#5 Today 20:13:13
- seth
- Member
- From: Won't reply 2 private help req
- Registered: 2012-09-03
- Posts: 75,718
Re: Working with two network interfaces
Id like to have control over which apps use tun0
https://wiki.archlinux.org/title/Firejail
https://unix.stackexchange.com/question … ic-process
Edit: also F5…
AFAIK there's no option for an OpenVPN client to choose the local endpoint interface. That second interface will most likely be ignored.
How would that be determined w/ systemd's less-than-predictable interface names?
Depending on the second NIC it might be possible to soft-blacklist the module for the undesired NIC until openvpn has chosen the correct one?
But should™ openvpn not simply use the local endpoint that routes the necessary IP range?
Last edited by seth (Today 20:13:45)
Offline
#6 Today 20:46:26
- -thc
- Member
- Registered: 2017-03-15
- Posts: 1,145
Re: Working with two network interfaces
How would that be determined w/ systemd's less-than-predictable interface names?
Depending on the second NIC it might be possible to soft-blacklist the module for the undesired NIC until openvpn has chosen the correct one?
But should™ openvpn not simply use the local endpoint that routes the necessary IP range?
I actually know several PCs that may have two active interfaces (LAN/WiFi) and the users never complained about missing VPN connectivity.
I never bothered to check the the "chosen" interface. "Second" simply meaning the other one.
A soft-blacklist scenario might work.
For the outer tunnel OpenVPN just needs a route to the VPN endpoint. The TO's interfaces sound equal in that regard.
Offline