Exclude port from VPN

I am running OpenSuse Leap 15.1 with KDE. I am using the Torguard VPN client which uses an OpenVPN tunnel. My email service comes from Cox and Cox’s server rejects all mail sent through the VPN client. The outgoing smtp connection is on port 465 and I would like to bypass the VPN tunnel on that port. Can someone explain how to do this?

That’ pretty hard to believe… that any ISP would actually try to break into a VPN and selectively block services.

I’m guessing you’re not set up properly.
Is anything else working through your VPN, and if so what is working?

If you’re having problems with your email client through the VPN,
What email client are you using?
What guide are you following to set up your client?
If your problem is SMTP, whose SMTP server are you using and what guide are you following to set that up (hint - You can’t use Cox’s SMTP server through your VPN, you need a large web services email provider like Gmail, Yahoo, or something else that’s similar).

Need more info about why you’re even using a VPN… are you traveling? bypassing restrictions? need unusual security? Something else?

Maybe you shouldn’t even be using your email client through a VPN… If you don’t mind snoopers knowing the servers you’re connecting to but still can’t see your messages, beside encrypted SMTP, set up encrypted IMAP or POP along with and don’t use a VPN.

TSU

Like many people I use a VPN for privacy and am not about to give it up.

I agree it is hard to believe but Cox receives enough email from the same address it gets flagged as a security threat. Cox blacklists the IP address for the VPN server. In my case my VPN server is in Dallas.

I am using Thunderbird and it works fine with the VPN service off. IMAP always downloads from the Cox server but SMTP to Cox’s server only works with VPN turned off. There is nothing wrong with Thunderbird’s configuration.

With openvpn it is possible to designate exceptions to the routing in the config file. I would like to find someone who can explain how that is done.

Thanks.

As I described,
You cannot or should not use your ISP’s SMTP server when you’re using your VPN… That’s the whole point of using a VPN for privacy, you’re not supposed to “leak” connections that betray what the VPN is doing for you. What you’re seeing is fairly common… Your Cox IMAP server doesn’t care where you are for receiving email… You can be inside Cox’s network or traveling somewhere outside a Cox network. But using an SMTP server is commonly restricted to the ISP’s own network. If you want to send from outside the network(and a VPN will make you appear outside the Cox network), you’ll have to talk to Cox about configuring an exception for your account. The alternative is to use someone else’ SMTP server, but you may also need to configure SPF and/or DMARC so your mail isn’t rejected by other mail servers… Otherwise, no one really cares what SMTP server you use.

If you still want to break your VPN security, it can be done though…
You’re asking about setting up a “split VPN” configuration, it’s in the docs.

TSU

I understand there are many different ways to solve a problem but anyone who can convince Cox technical support to admit their blacklist is causing a problem they should expend time on has more eloquence and patience than I do.

For anyone who runs into this or a similar problem.

The .opvn configuration files are located in /home/.local/share/VPNetworkLLC/Torguard/configs .


To find the IP numeric address of the name address you are trying to  exclude from the VPN tunnel you use a DNS lookup tool. The IP address of  smtp.cox.net is 68.1.17.4 .


The following goes at the top of the .opvn configuration file.


allow-pull-fqdn # Allow client to pull DNS names from server (rather than being limited to IP address)
# route destination netmask gateway
route smtp.cox.net 68.1.17.4 192.168.0.1
route whatismyip.com 255.255.255.255 192.168.0.1
route torguard.net 255.255.255.255 192.168.0.1
# [https://torguard.net/whats-my-ip.php](https://torguard.net/whats-my-ip.php) 

This problem is solved.

Thanks to all who read the problem and tried to help,

Kim Foltz, Okc, OK