Comment 31 for bug 124663

I am having this problem with network-manager-openvpn but the discussion seems relevant. In my case, in version .6 of nm-openvpn, there was an option (not the default) that said "Only use VPN for these addresses...". In .7, I have been unable to replicate that setting and therefore lose my fast local internet when on VPN. The OpenVPN command line utility works as I expect since we are not pushing the redirect-gateway option to force the default route through the VPN.

Am I just missing the ability to replicate the older option?

Are you guys saying that the Network Manager project has intentionally removed these options between .6 and .7 in order to enforce the stricter security policy? If so, isn't that overriding the decisions made by a) the underlying vpn solution creators (cisco, openvpn, etc) and b) the organization implementing the solution?

I'm just looking for a definitive answer here so I can stop banging my head on trying to replicate my .6 setup if it's just not going to work. I understand the tradeoffs and personally would prefer the flexibility to make those decisions for my particular uses. In my personal usage, I can decide to use the less secure method that doesn't force all of my internet traffic over across my dsl line and in my organization, I can configure my server to tell the clients to use a more secure option.

Or I could just be missing something in the setup.

Please clarify this for me. The way it's currently working, I am falling back to command line OpenVPN client to get the desired functionality for my current use case.

Thanks.