I found this great howto on doing this exact task.
Since the above howto is for Gentoo and not Ubuntu, the steps vary a little bit. I'll outline what steps I did to get my setup working on Ubuntu 10.10.
Once you get vpnc set up and you are able to connect to it, all of your traffic should be routing through it by default.
1) vpnc was overwriting my /etc/resolv.conf file with nameservers on the VPN. To prevent this I set DNSUpdate no in my vpnc config file:
Code:
cat /etc/vpnc/myvpnc.conf
IPSec gateway publicdomain.example.com
IPSec ID XXXX
IPSec secret YYYY
Xauth username ZZZZZ
Xauth password *****
DNSUpdate no
2) I then installed dnsmasq to handle resolving of domain names between my two sets of nameservers (local/ISP nameservers and the ones on the VPN for private domains):
Code:
sudo apt-get install dnsmasq
3) Once dnsmasq is installed, you can edit its config file at /etc/dnsmasq.conf
I needed to add a "server=" entry for my company's private domain. There should be a commented out line already:
Code:
server=/.privatedomain.example.com/192.168.0.1
The first part is the private domain name and the second is the IP of the nameserver to use to lookup hosts on that domain.
4) Set dnsmasq to only listen locally. I set the option "interface=lo" to only accept connections through the loopback interface; you can also use the "listen-address" option.
5) Make sure you're using your new nameserver (dnsmasq) that you've just set up.
I modified /etc/dhcp3/dhclient.conf, uncommenting the line beginning with "prepend":
Code:
prepend domain-name-servers 127.0.0.1;
This will make sure that the default nameserver is your new local install of dnsmasq.
6) Restart networking with sudo /etc/init.d/networking restart. The first line in /etc/resolv.conf should now read:
Code:
nameserver 127.0.0.1
I also have two more nameserver entries below that for my ISP that dnsmasq uses.
7) When you connect to your VPN, vpnc will set the default route to use tun0, routing all traffic through the VPN. You can see this with "netstat -r". To counter this you need to delete the route that vpnc adds, and add any routes that you need to go through the VPN.
Here is an example script that I have to connect my vpn (must be run as root, of course):
Code:
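#!/bin/bash
# Connect with vpnc, then undo its default route so only VPN subnets use tun0.
echo "Connecting to myVPN..."
vpnc /etc/vpnc/myvpn.conf
echo "Setting up routing table..."
# Remove the default route that vpnc added through the tunnel.
route del default dev tun0
# Send only the private network through the VPN.
route add -net 192.168.0.0 netmask 255.255.0.0 dev tun0
echo -n "Press Enter to continue..."
read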
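
A way to check the result of steps 1 to 7, as an added example that is not part of the original post: it verifies that resolv.conf points at the local dnsmasq first, that dnsmasq listens on loopback only and forwards the private domain, and that no default route is left on tun0. The function names are hypothetical, and the resolv.conf, dnsmasq.conf and "route -n" samples are constructed; on a live host pass /etc/resolv.conf, /etc/dnsmasq.conf and saved "route -n" output instead.

```bash
#!/bin/bash
# Added example (not from the post): audit the split-tunnel setup.
# Each check reads a file, so it works on live data or on saved samples.

# resolv.conf: the first nameserver must be the local dnsmasq.
check_resolv() {
    [ "$(awk '$1 == "nameserver" { print $2; exit }' "$1")" = "127.0.0.1" ]
}

# dnsmasq.conf: loopback-only listener plus a server= line for the domain.
check_dnsmasq() {
    grep -Eq '^(interface=lo|listen-address=127\.0\.0\.1)[[:space:]]*$' "$1" || return 1
    awk -F/ -v d="$2" '/^server=/ { sub(/^\./, "", $2); if ($2 == d && $3 != "") ok = 1 }
                       END { exit !ok }' "$1"
}

# "route -n" output: no default route on tun0, VPN subnet routed via tun0.
check_routes() {
    awk -v net="$2" '$1 == "0.0.0.0" && $NF == "tun0" { alltun = 1 }
                     $1 == net && $NF == "tun0"       { vpn = 1 }
                     END { exit (alltun || !vpn) }' "$1"
}

# Constructed sample inputs (not captured from a real host).
samples=$(mktemp -d)
printf 'nameserver 127.0.0.1\nnameserver 203.0.113.53\n' > "$samples/resolv.conf"
printf '#server=/localnet/192.168.0.1\nserver=/.privatedomain.example.com/192.168.0.1\ninterface=lo\n' > "$samples/dnsmasq.conf"
cat > "$samples/routes.ok" <<'EOF'
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.0.0     0.0.0.0         255.255.0.0     U     0      0        0 tun0
10.0.2.0        0.0.0.0         255.255.255.0   U     1      0        0 eth0
0.0.0.0         10.0.2.2        0.0.0.0         UG    0      0        0 eth0
EOF
# The same table as vpnc leaves it, before "route del default dev tun0".
{ cat "$samples/routes.ok"; echo '0.0.0.0 0.0.0.0 0.0.0.0 U 0 0 0 tun0'; } > "$samples/routes.vpnc"

for f in routes.ok routes.vpnc; do
    if check_routes "$samples/$f" 192.168.0.0; then echo "$f: split tunnel OK"
    else echo "$f: default route on tun0 or VPN subnet route missing"
    fi
done
check_resolv "$samples/resolv.conf" && echo "resolv.conf: local dnsmasq first"
check_dnsmasq "$samples/dnsmasq.conf" privatedomain.example.com && echo "dnsmasq: loopback only, private domain forwarded"
```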