I was moved to encrypt.me after buffered was acquired. This VPN automatically encrypts network connections _it_ feels are unsafe. If you encrypt all traffic, your local routed networks may become unavailable. Here is an example network:

If you enable “Secure my connection” from the encrypt.me application, you will loose connection to both the Corporate and DMZ networks.


To fix this problem, create static routes on the workstation to point to the firewall/router for specific networks. It seems that encrypt.me only redirects the default gateway, so by adding static routes, you can bypass encrypt.me.


sudo networksetup -setadditionalroutes "Ethernet 1"

sudo networksetup -setadditionalroutes "Ethernet 1"


route -p MASK

route -p MASK

macOS script

    # Add-Static-Routes.sh
    # This gets around the VPN system on the mac is sending these networks through it's VPN 
    # Networks:
    # --> Router VPN to Corporate
    # --> Router DMZ IoT network
    # These 'route' commands will work until next boot. Great for testing
    route add # Corporate Network router VPN
    route add # IoT DMZ in router

    # networksetup allows persistent routes across reboots. 
    # -listnetworkservices will show current interfaces that -setadditionalroutes uses. Mine is "Ethernet 1"
    networksetup -listallnetworkservices # What network services are available on this Macintosh?
    networksetup -setadditionalroutes "Ethernet 1" \ \

    # Show the routes
    networksetup -getadditionalroutes "Ethernet 1"
    route get
    route get

    # Test the routes
    ping -c 1
    ping -c 1