Hi,
Is it possible to route all traffic through the VPN for selected user profiles?
thanks
John
Is it possible to route all traffic through the VPN for selected user profiles?
-
- OpenVpn Newbie
- Posts: 9
- Joined: Fri Mar 04, 2022 3:17 pm
-
- OpenVpn Newbie
- Posts: 9
- Joined: Fri Mar 04, 2022 3:17 pm
Re: Is it possible to route all traffic through the VPN for selected user profiles?
On my AS:
Should client Internet traffic be routed through the VPN? set to NO
Should client Internet traffic be routed through the VPN? set to NO
- openvpn_inc
- OpenVPN Inc.
- Posts: 1332
- Joined: Tue Feb 16, 2021 10:41 am
Re: Is it possible to route all traffic through the VPN for selected user profiles?
Hello johnds,
The setting in the VPN Settings page is for all users. To set it per user or per group there is the option to do this in the command line. For example you could create a group that has the setting turned off on the command line, and after that whenever you assign a user to that group it will be using split-tunnel because it inherits the setting from that group.
The section to control redirect gateway functionality (which does the full-tunnel redirection) is in the command line documentation is here:
https://openvpn.net/vpn-server-resource ... s-settings
Disable redirection of internet traffic, and don't push DNS servers:
./sacli --user <USER_OR_GROUP> --key "prop_reroute_gw_override" --value "disable" UserPropPut
Disable redirection of internet traffic, but still push DNS servers:
./sacli --user <USER_OR_GROUP> --key "prop_reroute_gw_override" --value "dns_only" UserPropPut
All commands are assumed to be executed as root in the /usr/local/openvpn_as/scripts directory.
Kind regards,
Johan
The setting in the VPN Settings page is for all users. To set it per user or per group there is the option to do this in the command line. For example you could create a group that has the setting turned off on the command line, and after that whenever you assign a user to that group it will be using split-tunnel because it inherits the setting from that group.
The section to control redirect gateway functionality (which does the full-tunnel redirection) is in the command line documentation is here:
https://openvpn.net/vpn-server-resource ... s-settings
Disable redirection of internet traffic, and don't push DNS servers:
./sacli --user <USER_OR_GROUP> --key "prop_reroute_gw_override" --value "disable" UserPropPut
Disable redirection of internet traffic, but still push DNS servers:
./sacli --user <USER_OR_GROUP> --key "prop_reroute_gw_override" --value "dns_only" UserPropPut
All commands are assumed to be executed as root in the /usr/local/openvpn_as/scripts directory.
Kind regards,
Johan

Answers provided by OpenVPN Inc. staff members here are provided on a voluntary best-effort basis, and no rights can be claimed on the basis of answers posted in this public forum. If you wish to get official support from OpenVPN Inc. please use the official support ticket system: https://openvpn.net/support