On 2 June 2015 22:05:21 CEST, Jason Haar <jason_h...@trimble.com> wrote: >Hi there > >We're using openvpn to connect employees to the corporate 10/8 network >and hit a problem with a client who was on a hotel 10/8 network. We use >openvpn in split-tunnel mode and unfortunately the hotel used the same >10.X subnet as a large server subnet range we use - so the user >couldn't >reach the corporate servers as the traffic stayed local > >In this case using the openvpn tunnel as the default gw should have >solved the problem - but normal people can't figure that out - so I'd >like to solve it dynamically at the server end. However, to do that, >the >server would need to know in advance the routing table of the client - >so that it could do something like "if 10.anything is local, then >disable split tunnel and push all traffic through openvpn; else do >split >tunnel". > >Currently it looks like details about the client routing table aren't >passed through environment variables to the server, would that be a >good >idea as an option? Obviously there are privacy issues - but when one >organization controls both the client and server - that's a bit >academic
Hi, Have you looked at the --client-nat option in the man page? kind regards, David Sommerseth ------------------------------------------------------------------------------ _______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users