Routing

Routing experts, please help. Currently my PC is connected to my router gateway 192.168.24.1
and I have a webserver hosted on my PC, but when I connect the VPN on my PC, my webserver
is no longer reachable from the public. Every time I connect the VPN, all traffic is routed to the VPN
tunnel. But I only want to connect to one public IP to download a file when the VPN is connected.
Can I preserve my default router gateway 192.168.24.1 and only route the public IP through
the tunnel? What can I do to make it work?

Please, some expert help, because I have no knowledge about routing.

internet
…|
…|
gateway (forward port 80 to PC1)
…|
…|
PC1 with webserver(192.168.24.1) (192.168.24.12) -----(Openvpn client connect to vpn server) use only connect to ip 111.111.111.1 no other site than this)

Below is the routing table of my pc.

Before Vpn
pc1: # route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.24.0 * 255.255.255.0 U 0 0 0 eth0
link-local * 255.255.0.0 U 0 0 0 eth0
loopback * 255.0.0.0 U 0 0 0 lo
default 192.168.24.1 0.0.0.0 UG 0 0 0 eth0
pc1: # route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.24.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
0.0.0.0 192.168.24.1 0.0.0.0 UG 0 0 0 eth0

After Vpn

pc1: # route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
123.123.123.79 192.168.24.1 255.255.255.255 UGH 0 0 0 eth0
192.168.24.0 * 255.255.255.0 U 0 0 0 eth0
198.18.40.0 * 255.255.248.0 U 0 0 0 tun0
link-local * 255.255.0.0 U 0 0 0 eth0
loopback * 255.0.0.0 U 0 0 0 lo
default 198.18.40.1 128.0.0.0 UG 0 0 0 tun0
128.0.0.0 198.18.40.1 128.0.0.0 UG 0 0 0 tun0
default 192.168.24.1 0.0.0.0 UG 0 0 0 eth0

pc1: # route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
123.123.123.79 192.168.24.1 255.255.255.255 UGH 0 0 0 eth0
192.168.24.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
198.18.40.0 0.0.0.0 255.255.248.0 U 0 0 0 tun0
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
0.0.0.0 198.18.40.1 128.0.0.0 UG 0 0 0 tun0
128.0.0.0 198.18.40.1 128.0.0.0 UG 0 0 0 tun0
0.0.0.0 192.168.24.1 0.0.0.0 UG 0 0 0 eth0

What you want to achieve is called split tunneling. (There are security implications for your VPN server with doing this, though.) It may be best to implement it in the router, and that probably means an enterprise-level router (vs. the type normally supplied by an ISP for domestic purposes).

You’ll probably need to do a little googling yourself, but just to give you the idea, here are a couple of guides:

http://lists.unix-ag.uni-kl.de/pipermail/vpnc-devel/2009-February/002990.html
http://www.howtogeek.com/51340/setting-up-a-split-tunnel-vpn-pptp-client-on-ubuntu-10-04/
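
Why the web server drops off once the VPN is up, and what a split-tunnel table changes, shown as an added example (not part of the original posts): a longest-prefix-match lookup over the `route -n` rows posted above. The visitor address 203.0.113.5 and the split-tunnel table are constructed; OpenVPN's client options `route-nopull` plus a `route 111.111.111.1 255.255.255.255` line are one way to end up with a table like it.

```python
import ipaddress

# `route -n` rows from the post after the VPN connects,
# reduced to the columns: destination gateway genmask iface
AFTER_VPN = """\
123.123.123.79 192.168.24.1 255.255.255.255 eth0
192.168.24.0 0.0.0.0 255.255.255.0 eth0
198.18.40.0 0.0.0.0 255.255.248.0 tun0
169.254.0.0 0.0.0.0 255.255.0.0 eth0
127.0.0.0 0.0.0.0 255.0.0.0 lo
0.0.0.0 198.18.40.1 128.0.0.0 tun0
128.0.0.0 198.18.40.1 128.0.0.0 tun0
0.0.0.0 192.168.24.1 0.0.0.0 eth0
"""

def parse(table):
    """Turn 'dest gateway genmask iface' rows into (network, gateway, iface)."""
    routes = []
    for line in table.strip().splitlines():
        dest, gw, mask, iface = line.split()
        routes.append((ipaddress.ip_network(f"{dest}/{mask}"), gw, iface))
    return routes

def egress(routes, addr):
    """Longest-prefix match, as the kernel does: the most specific route wins."""
    ip = ipaddress.ip_address(addr)
    matches = [r for r in routes if ip in r[0]]
    _net, gw, iface = max(matches, key=lambda r: r[0].prefixlen)
    return iface, gw

def split_tunnel(table, host, tun_gw="198.18.40.1"):
    """Constructed table: drop the two /1 tunnel routes, add one host route."""
    kept = [l for l in table.strip().splitlines() if l.split()[2] != "128.0.0.0"]
    kept.append(f"{host} {tun_gw} 255.255.255.255 tun0")
    return "\n".join(kept)

full = parse(AFTER_VPN)
split = parse(split_tunnel(AFTER_VPN, "111.111.111.1"))

# 203.0.113.5 is a constructed visitor address (documentation range).
# Under the full tunnel, replies to it match 128.0.0.0/1 and leave via tun0
# instead of going back through the gateway that forwarded port 80.
for name, routes in (("full tunnel", full), ("split tunnel", split)):
    for dst in ("203.0.113.5", "111.111.111.1", "123.123.123.79"):
        print(f"{name:12} {dst:15} -> {egress(routes, dst)}")
```

With the split table only 111.111.111.1 is tunnelled; every other destination, including replies to web visitors, goes out eth0 through 192.168.24.1 and is not protected by the VPN.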