OpenVPN Support Forum

The issue that I have that certain websites and production machines only allow connections from our office IP addresses. We have split-tunneling enabled for our users so as not to saturate our primary WAN line. But some users need to be able to access the above sites and machines through the VPN connection to be able to access it.

So, we can accomplish this one of two ways:
1) Have a certain group of users pass all of their internet traffic through the VPN
2) Add those sites and servers to a list that OpenVPN will recognize, so as to pass this traffic through the VPN.

Could anyone give me any information as to how to do either of these or which one is preferable/feasible?

I'd go with option #1 : use a 'client-connect' script to put those users in a different subnet, with full access, or use the script to set up firewall rules for those users.

The downside of option #2 is that the routing table on the server might become very lengthy.

Where would I be able to find a script that allows me to create a different client config? I can't find how to modify the client config in the OpenVPN client that you download from the Access Server.

the client-connect script would be on the server side ; I don't if and how it can be done for Access Server, I only know the free community version of openvpn.