Hi Joe, On 05/11/14 21:11, Joe Patterson wrote: > Looking through the docs, I *think* I know the answer to this question > already, but I figured I'd ask here in case I'm wrong... > > Is there any way to push an iroute to an openvpn server instance at > any time other than when a client connects? I would think that if > this sort of thing could be done, it would be done via the management > port, and I don't see anything in the management-notes.txt file, but > there's always some possibility that there's another method that I've > been missing. > > If I'm correct that this isn't possible, is it something anyone's > thought of doing before? Is there some reason I haven't thought of > that it *shouldn't* be done? > > for an iroute to work the server needs to know that the client is connected; AFAIK there is only one moment when "per-client" config options are processed by the server and that is when the client (re)connects.
If you are in a tun-based setup then you do not need the iroutes, strictly speaking: it can also be done using server side routing and firewalling, but this requires some iptables magic. cheers, JJK ------------------------------------------------------------------------------ _______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
