Hi there We're using openvpn to connect employees to the corporate 10/8 network and hit a problem with a client who was on a hotel 10/8 network. We use openvpn in split-tunnel mode and unfortunately the hotel used the same 10.X subnet as a large server subnet range we use - so the user couldn't reach the corporate servers as the traffic stayed local
In this case using the openvpn tunnel as the default gw should have solved the problem - but normal people can't figure that out - so I'd like to solve it dynamically at the server end. However, to do that, the server would need to know in advance the routing table of the client - so that it could do something like "if 10.anything is local, then disable split tunnel and push all traffic through openvpn; else do split tunnel". Currently it looks like details about the client routing table aren't passed through environment variables to the server, would that be a good idea as an option? Obviously there are privacy issues - but when one organization controls both the client and server - that's a bit academic -- Cheers Jason Haar Corporate Information Security Manager, Trimble Navigation Ltd. Phone: +1 408 481 8171 PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1 ------------------------------------------------------------------------------ _______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
