On 03/06/15 10:58, David Sommerseth wrote: > Hi, Have you looked at the --client-nat option in the man page?
Yeah - but it's an issue of only wanting it under the condition when the local network conflicts with the corporate network. One-to-one NAT is great but it still breaks some applications, so "no NAT" is still the best option when appropriate. We run openvpn in "always on" mode - so there's no opportunity for end-users to change settings manually (not that most of them are technically up to the diagnostics required any way) - hence my desire to do it on the server end. Sounds like my "option 3" is the only way: allow the user to connect, get server to query client to find out local routing table and then reconfigure the client to match conditions where appropriate -- Cheers Jason Haar Corporate Information Security Manager, Trimble Navigation Ltd. Phone: +1 408 481 8171 PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1 ------------------------------------------------------------------------------ _______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
