In our company we have a software which requires a VPN to be connected in order to properly work. However that is not the only software we use here. The problem is that other software get way slower when the VPN is up. Apart from that, we don't want all our data traffic to pass through this connection.
Is there a way to isolate the VPN connection specific for a single software?
Is there a way to isolate the VPN connection specific for a single software?
I would isolate the VPN for a specific route. This can be achieved with the system routing configuration.
This specific routing options for a VPN are called in general Split tunneling.
Is the software contacting always the same endpoint at the other side? Then it's pretty easy, since you only have to add a single IP (subnet) to route through the VPN.
Is there a way to isolate the VPN connection specific for a single software?
You could create a virtual machine, install the software and setup the VPN within the virtual machine. By doing that you fulfill all your requirements.
The only drawback is the shared hardware resource, which could negatively influence the performance of other applications.
Yes, it is possible to create a routing rule on the operating system which routes traffic with a specific destination to a particular interface or gateway.
So if your application has a specific server with a known IP address, you could create a rule that routes any traffic to that IP through VPN interface and all other traffic through the network adapter interface.
eg.
Microsoft Exchange Server (192.168.1.45) -> Interface 2 (VPN)
Everything else -> Interface 1 (Network Adapter)
-
route add 192.168.1.45 mask 255.255.255.255 IF 2 metric 1
route add 0.0.0.0 mask 0.0.0.0 IF 1 metric 10
See:https://technet.microsoft.com/en-us/library/Cc757323%28v=WS.10%29.aspx
