Greetings,

Since OpenVPN is very scriptable, I wouldn't imagine doing this would be a
problem, but I'm looking to see if anyone else does this, if there are
concerns with doing it, or if OpenVPN has a built-in way of doing this.

Our OpenVPN setup does split-tunneling, so a client only gets access to
certain resources over the VPN, and the rest goes through their normal
Internet connection. After the user successfully authenticates, the
`client-connect` script checks what they have access to, processes the
appropriate firewall rules on the server side, and then pushes those routes
to the client side. We run into a situation frequently where someone needs
access to something new, and they must reconnect in order for that new
resource to be accessible.

I'm hoping to avoid this if I can; server-side this wouldn't be a problem
because I can simply have a script periodically check (every 1 minute or
so) who's connected, and update their rules accordingly from the database.
Where I run into confusion is how to push these new routes to the client?
Is this possible?

Thank you!

--
Scott Crooks (王虎)
LinkedIn: http://www.linkedin.com/in/jshcrooks
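
The connect-time step described in the message above, sketched as an added example (not part of the original message and not the poster's script). It relies on OpenVPN passing `client-connect` a temporary config file as its last argument and exporting `common_name`; the flat `ACL_FILE` standing in for the database, its format and the function names are assumptions.

```shell
#!/bin/sh
# Added example: client-connect helper that turns per-user ACL entries into
# push "route ..." lines. ACL_FILE is a constructed stand-in for the database,
# one entry per line: "user network netmask".
ACL_FILE="${ACL_FILE:-/etc/openvpn/acl.txt}"   # hypothetical path

# Succeed only for a dotted quad with every octet in 0..255. Values from the
# database end up in the client's config, so nothing else may pass.
valid_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split on dots; input holds only digits and dots here
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Print one push directive per well-formed ACL entry belonging to user $1.
render_push_routes() {
    user=$1
    while read -r acl_user net mask rest; do
        [ "$acl_user" = "$user" ] || continue
        if valid_ipv4 "$net" && valid_ipv4 "$mask"; then
            printf 'push "route %s %s"\n' "$net" "$mask"
        else
            echo "skipping malformed ACL entry for $user" >&2
        fi
    done < "$ACL_FILE"
}

# When run by OpenVPN: append the directives to the temporary config file,
# which is the last argument. A non-zero exit status rejects the client.
if [ -n "${common_name:-}" ] && [ "$#" -gt 0 ]; then
    for conf_file in "$@"; do :; done
    render_push_routes "$common_name" >> "$conf_file"
fi
```

The directives are only read while the client is connecting, which is why a changed ACL entry takes effect at the next connect.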