Hello!
I'm looking for a way that isn't all or nothing on how to route traffic for particular public IPs through the OpenVPN Access Server.
The use-case is that there are some websites/services/etc that are public facing, but locked down to Offices public IPs. The problem is, we aren't forcing (and don't want to force) all user internet VPN traffic through our OpenVPN, but instead would like to force just this or required IPs to talk through the OpenVPN, so that their public IP shows what would be from our Office would be.
Is this possible, maybe through some sort of advanced configuration, etc?
-Keegan
Route only some internet traffic (not all) through OpenVPN AS
-
- OpenVpn Newbie
- Posts: 7
- Joined: Wed May 18, 2016 1:45 pm
- novaflash
- OpenVPN Inc.
- Posts: 1073
- Joined: Fri Apr 13, 2012 8:43 pm
Re: Route only some internet traffic (not all) through OpenVPN AS
Then just disable forwarding all traffic, and then just specify the IP ranges you want to forward through the VPN server, and make sure it is done using the NAT method.
I'm still alive, just posting under the openvpn_inc alias now as part of a larger group.
-
- OpenVpn Newbie
- Posts: 7
- Joined: Wed May 18, 2016 1:45 pm
Re: Route only some internet traffic (not all) through OpenVPN AS
Hello, thanks for the reply - could you elaborate a bit more on what you mean by specify the IP ranges you want to forward in? In particular, from the Admin UI - under what category/field would this be? I'm not entirely familiar with the configuration and options, and only very rarely make changes - so want to make sure that I'm doing it properly.
Appreciate your time! Thanks!
- novaflash
- OpenVPN Inc.
- Posts: 1073
- Joined: Fri Apr 13, 2012 8:43 pm
Re: Route only some internet traffic (not all) through OpenVPN AS
VPN Settings > Allow access to private subnet > yes, using NAT > 123.45.67.89/32
Or:
User Permission > (more settings) > allow access to (using NAT) > 123.45.67.89/32
Or:
User Permission > (more settings) > allow access to (using NAT) > 123.45.67.89/32
I'm still alive, just posting under the openvpn_inc alias now as part of a larger group.