Hi, in our VPN product for Windows we have logic which monitors for changes in active "normal" network interface and restarts OpenVPN in case IP changes in existing interfaces or new ones are added while VPN is on. Restart is done because otherwise those updated interfaces would bypass the VPN. Also we are trying to ignore all virtual, loopback and P2P interfaces. This seems a bit brittle solution. Latest problems are caused by Microsoft DirectAccess interface which we didn't have in the ignore list and its IP seems to change always when VPN is enabled causing loop like -> enable VPN -> get DirectAccess (IPHTTPS) IP change -> stop VPN -> enable VPN -> get get DirectAccess (IPHTTPS) IP change -> etc.
I am new developer in this area but I heard from previous guys involved in the project that it might be better to have solution at OpenVPN side. Is there already some work done or being done for handling this "updated interfaces bypass VPN" problem? BR, Totti Vossi
------------------------------------------------------------------------------
_______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel