Personal VPN routing

We have a Personal VPN that we create from within our app. The app will first attempt to connect to a server on the local wifi. If the server is available and we are on that network then we do not start the VPN. If the server is not available then we will start up the Personal VPN and then we can connect to our server via the VPN. This all works fine unless we have the situation that the local network IP schema is the same IP address as our server that we want to reach via the VPN.


If our server is on a LAN network of 192.168.1.100 and we are on a Wifi network that is also set up to be 192.168.1.x then while our server is not on the local wifi network and we start the VPN then we find that the traffic to our desired server is not being routed over the VPN but going to the local wifi where of course we already know the server does not exist.


Is there a way programmatically to force a route so that iOS will route traffic for this specific IP address down our VPN tunnel and not route it to the local network?

Replies

If you are using the normal netmask for a class C network (255.255.255.0), then the 192.168.1.x network is the same network, whether wired or wireless. If your server is on the 192.168.1.x, it's on the local network even if it connects via wireless. You would need to sub-divide the network into two by extending the netmask by a bit. But, that will require re-addressing devices, setting up a router to route between the two networks, re-assigning IP addresses, gateway addresses, etc.

If you are in two facilities that each have the default Class C network (you on wireless, your server on LAN), you need something in-between to act as a public route between the two networks. The 192.168.x.y is reserved for local use, and there can be a multitude of these networks geographically dispersed, that connect through the internet via NAT re-addressing.

What I am hoping to do is that if I'm on a class C network via wifi and I want to contact a Class C address that is in the same 255.255.255.0 mask on another Class C network via the VPN. So basically I was hoping there was a way in the Personal VPN that I could add a route that says "if address is 192.168.1.40" then route it down the VPN... and let everything else on that Class C address family route locally. I doubt this is possible, but I get lost in the VPN parameters and controls at times. I wonder if my solution isn't to force the traffic over cellular if the server is not on the local address... I've watched the developer videos from WWDC but it's not clear how I can force my traffic to use the cellular connection over the wifi for the traffic I want to send down the tunnel to the remote local network for just our app.
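
The overlap discussed in this thread, as an added example that is not from any of the posters: a generic longest-prefix-match lookup showing why the on-link /24 on Wi-Fi wins over a VPN default route, and what a /32 host route for 192.168.1.40 would change. The interface names (`en0`, `utun0`), the VPN default route and the route table are assumptions; this models a generic IP routing table, and the thread does not establish whether Personal VPN on iOS lets an app install such a route.

```python
import ipaddress
from typing import NamedTuple, Optional


class Route(NamedTuple):
    prefix: ipaddress.IPv4Network
    interface: str


def select_route(table, destination) -> Optional[Route]:
    """Pick a route by longest-prefix match, as a generic IP stack does."""
    dest = ipaddress.ip_address(destination)
    matches = [r for r in table if dest in r.prefix]
    if not matches:
        return None
    return max(matches, key=lambda r: r.prefix.prefixlen)


def collides_with_local(server, local_cidr) -> bool:
    """True when the remote server's address falls inside the Wi-Fi subnet."""
    local = ipaddress.ip_interface(local_cidr).network
    return ipaddress.ip_address(server) in local


# Constructed table: Wi-Fi on-link /24 plus a VPN default route (assumed).
WIFI = Route(ipaddress.ip_network("192.168.1.0/24"), "en0")
VPN_DEFAULT = Route(ipaddress.ip_network("0.0.0.0/0"), "utun0")
# Hypothetical host route for the single server address behind the VPN.
VPN_HOST = Route(ipaddress.ip_network("192.168.1.40/32"), "utun0")


def demo():
    server = "192.168.1.40"
    # Without a host route the /24 is more specific than the default route,
    # so traffic for the server stays on the local Wi-Fi.
    before = select_route([WIFI, VPN_DEFAULT], server)
    # A /32 is more specific than the /24, so only this address moves.
    after = select_route([WIFI, VPN_DEFAULT, VPN_HOST], server)
    # Other hosts in 192.168.1.x still route locally.
    neighbour = select_route([WIFI, VPN_DEFAULT, VPN_HOST], "192.168.1.41")
    return before.interface, after.interface, neighbour.interface


if __name__ == "__main__":
    print(collides_with_local("192.168.1.40", "192.168.1.23/24"))
    print(demo())
```

Running `collides_with_local` before starting the tunnel tells the app that traffic meant for the remote server may instead be delivered to whatever holds that address on the local Wi-Fi.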