This process should be similar for any other VPN providers that have OpenVPN servers, Private Internet Access and NordVPN are known to have this feature.

Edit your OpenVPN config from Mullvad and add the following line at the end

pull-filter ignore redirect-gateway

Your VPN config will look similar to

client

dev tun

resolv-retry infinite

nobind

persist-key

persist-tun

verb 3

remote-cert-tls server

ping 10

ping-restart 60

sndbuf 524288

rcvbuf 524288

cipher AES-256-CBC

tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-AES-256-CBC-SHA

proto udp

auth-user-pass /etc/openvpn/mullvad_userpass.txt

ca /etc/openvpn/mullvad_ca.crt

tun-ipv6

script-security 2

up /etc/openvpn/update-resolv-conf

down /etc/openvpn/update-resolv-conf

fast-io

remote-random

remote ca-mtr-102.mullvad.net 1194

remote ca-mtr-105.mullvad.net 1194

remote ca-mtr-104.mullvad.net 1194

remote ca-tor-103.mullvad.net 1194

remote ca-tor-101.mullvad.net 1194

remote ca-mtr-103.mullvad.net 1194

remote ca-tor-102.mullvad.net 1194

remote ca-van-003.mullvad.net 1194

remote ca-mtr-107.mullvad.net 1194

remote ca-van-002.mullvad.net 1194

remote ca-mtr-101.mullvad.net 1194

remote ca-mtr-108.mullvad.net 1194

remote ca-van-004.mullvad.net 1194

remote ca-mtr-106.mullvad.net 1194

pull-filter ignore redirect-gateway

Mullvad runs it’s SOCKS5 server on 10.8.0.1 so we can now use the VPN by binding a program to use the SOCKS proxy.

For example we can now use curl without sending all our traffic through the VPN, an example curl command would look like this :

curl –socks5-host 10.8.0.1 –keepalive-time 60 -m 1800 https://www.google.com

socks5-host tells curl which IP to bind to while also using the host system to resolve DNS, alternatively you can use –socks5 to bypass resolving DNS by the host.

To make sure the SOCKS5 proxy is still alive we set the timeout with “-m” so that the system does not wait infinitely for a reply.