On 2 June 2015 22:05:21 CEST, Jason Haar <jason_h...@trimble.com> wrote:
>Hi there
>
>We're using openvpn to connect employees to the corporate 10/8 network
>and hit a problem with a client who was on a hotel 10/8 network. We use
>openvpn in split-tunnel mode and unfortunately the hotel used the same
>10.X subnet as a large server subnet range we use - so the user
>couldn't
>reach the corporate servers as the traffic stayed local
>
>In this case using the openvpn tunnel as the default gw should have
>solved the problem - but normal people can't figure that out - so I'd
>like to solve it dynamically at the server end. However, to do that,
>the
>server would need to know in advance the routing table of the client -
>so that it could do something like "if 10.anything is local, then
>disable split tunnel and push all traffic through openvpn; else do
>split
>tunnel".
>
>Currently it looks like details about the client routing table aren't
>passed through environment variables to the server, would that be a
>good
>idea as an option? Obviously there are privacy issues - but when one
>organization controls both the client and server - that's a bit
>academic

Hi,

Have you looked at the --client-nat option in the man page?



kind regards,

David Sommerseth

------------------------------------------------------------------------------
_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users

Reply via email to