Hi,
Maybe someone has an idea how to achieve this.
We have deployed a OpenVPN client configuration on ~400 clients.
This configuration also includes "redirect-gateway def1", so they are using the openvpn server as default gateway.
Now what we would like to do is to override this option only for some clients on the server side.
I know we could also deploy a different client configuration for those clients, but it would be quite easier if this can be achieved over the server.
Any hints if this is possible?
Thanks,
Dam.
override default route on client from server
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech
Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
-
- OpenVpn Newbie
- Posts: 1
- Joined: Sun Nov 10, 2019 4:32 pm
-
- OpenVPN Expert
- Posts: 685
- Joined: Tue May 01, 2012 9:30 pm
Re: override default route on client from server
if you want to override some client from server just do as
server will know which client connect to it by comom name in certificate so basic you need to find out certificate of the client you want to put specific of routing like this.
for example you got a client its common name certificate is joad.
make an file withou extension name joad , open the file and add like this,place this file in cdd folder and add full path to the server config
client-config-dir "/tmp/openvpn/ccd"
push "route 0.0.0.0 192.0.0.0 net_gateway"
push "route 64.0.0.0 192.0.0.0 net_gateway"
push "route 128.0.0.0 192.0.0.0 net_gateway"
push "route 192.0.0.0 192.0.0.0 net_gateway "
when the client connect to server , server will check its name in cdd folder and load all infor in the file jonh and apply to that client.so when client connect it use client getaway and dont route all through server , you can place as many as file in ccd folder as you want
server will know which client connect to it by comom name in certificate so basic you need to find out certificate of the client you want to put specific of routing like this.
for example you got a client its common name certificate is joad.
make an file withou extension name joad , open the file and add like this,place this file in cdd folder and add full path to the server config
client-config-dir "/tmp/openvpn/ccd"
push "route 0.0.0.0 192.0.0.0 net_gateway"
push "route 64.0.0.0 192.0.0.0 net_gateway"
push "route 128.0.0.0 192.0.0.0 net_gateway"
push "route 192.0.0.0 192.0.0.0 net_gateway "
when the client connect to server , server will check its name in cdd folder and load all infor in the file jonh and apply to that client.so when client connect it use client getaway and dont route all through server , you can place as many as file in ccd folder as you want
-
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
Re: override default route on client from server
Or use --push-remove in the client.
See --push-remove in the manual.
See --push-remove in the manual.