Old but not busted … – This content was published more than 3 years ago. The correctness and availability of links unfortunately cannot be guaranteed.

Houston, I have a problem …

At work I have to use a VPN connection. There is currently a (so-called) SSH jump-host set up that only accepts connections from outside the internal/VPN network.

The problem with that: while the VPN connection is up, it's no longer possible to SSH to the jump-host, because my local machine (with the VPN connection) has an internal IP address and is not allowed to connect to the jump-host.

Solution

I created a udev rule for the VPN interface tun0.
The rules work like this: create a new route (to the jump-host) over my default network interface when the VPN connection comes up, and delete that route when tun0 goes down.

And here are these udev rules for you – and myself … 🙂

  1. Create the file for both udev rules as root (you can name the file freely): /etc/udev/rules.d/99-tun0.rules
  2. Insert the following two lines/rules, replacing
    • 2.2.2.2 with the jump-host IP
    • 1.1.1.1 with your local gateway IP
    • default_interface with your local/default network interface (for me it's wlp2s0; you can use ip addr to see all interfaces)
  3. Restart (as root) the udev service: systemctl restart udev
KERNEL=="tun0", ACTION=="add", RUN+="/sbin/ip route add 2.2.2.2 via 1.1.1.1 dev default_interface"
KERNEL=="tun0", ACTION=="remove", RUN+="/sbin/ip route delete 2.2.2.2 via 1.1.1.1 dev default_interface"
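
Because udev executes RUN+= commands as root, it is worth validating the three substituted values before they land in the rules file. The following is an added example, not part of the original post: the helper names (is_ipv4, is_ifname, render_rules, route_dev) are hypothetical, and the addresses and interface are the post's placeholders.

```shell
#!/bin/sh
# Added example: render the two tun0 rules from validated inputs, and
# extract the interface from `ip route get` output to check the route.

# Strict dotted-quad IPv4: four octets, digits only, each 0-255.
is_ipv4() {
    case $1 in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Linux interface names: at most 15 characters, no whitespace or quotes.
is_ifname() {
    case $1 in ''|*[!A-Za-z0-9_.-]*) return 1 ;; esac
    [ "${#1}" -le 15 ]
}

# usage: render_rules JUMP_HOST_IP GATEWAY_IP INTERFACE
# Prints the add/remove rule pair; refuses anything that fails validation,
# so no stray quote or shell metacharacter reaches a root-run command.
render_rules() {
    is_ipv4 "$1" && is_ipv4 "$2" && is_ifname "$3" || {
        echo "render_rules: invalid argument" >&2
        return 1
    }
    for pair in add:add remove:delete; do
        printf 'KERNEL=="tun0", ACTION=="%s", RUN+="/sbin/ip route %s %s via %s dev %s"\n' \
            "${pair%%:*}" "${pair#*:}" "$1" "$2" "$3"
    done
}

# Reads one line of `ip route get` output on stdin, prints its "dev" field.
route_dev() {
    sed -n 's/.* dev \([^ ]*\).*/\1/p' | head -n 1
}

# Typical use (as root for the first line):
#   render_rules 2.2.2.2 1.1.1.1 wlp2s0 > /etc/udev/rules.d/99-tun0.rules
#   ip route get 2.2.2.2 | route_dev   # compare with your default interface
```

While tun0 is up, the second command should name the default interface rather than tun0; if it names tun0, the rule did not fire.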

Houston, the problem is fixed …

Thanks (for hints and inspiration) to
