Hi, On Tue, Jun 02, 2015 at 10:53:49PM +0200, Mathias Jeschke wrote: > On 2015-06-02 at 22:40 Mathias Jeschke wrote: > > > AFAIK, this is not possible, but you have options from my pov: > > > > (1) Deploy 2 OpenVPN configurations to your users - one for split > > tunnel and one without (redirect-gw). > > Forget this option - the redirect-gateway does not work at all in this > setup. The hotel 10/8 has higher precedence than the default route.
Actually, you can push "redirect-gateway def1 block-local" which would
send "local" networks into the tunnel.
I still think that using "redirect-private" and pushing the 10-subnets
as highly specifics (/25) should work fine...
> > (2) For split tunneling push two routes to the clients instead 10/8:
> > 10.0.0.0/9 and 10.128.0.0/9
> > These two routes have higher precedence than the conflicting
> > 10/8 hotel route.
>
> You will probably also need to run a script (-route-up cmd) in order to
> add a host route for the local hotel gateway which is very likely in the
> 10/8 network.
"redirect-private" :-)
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany g...@greenie.muc.de
fax: +49-89-35655025 g...@net.informatik.tu-muenchen.de
pgpaepP8oESR9.pgp
Description: PGP signature
------------------------------------------------------------------------------
_______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
