Can we bind Virtual Machines directly to OpenVPN connections

How to customize and extend your OpenVPN installation.

Moderators: TinCanTech

spartachunk
OpenVpn Newbie
Posts: 2
Joined: Tue Apr 29, 2014 2:40 pm

Post by spartachunk » Tue Apr 29, 2014 3:13 pm

Hi! First off, I'd like to thank the community here, as I have relied heavily on this forum's posts to help me set up my OpenVPN setup; it would not have been possible without them, as this was my first experience using Linux.

Special thanks to Bebop.

My question: Can we bind VMware Virtual Machines (running Windows 7 OS inside and outside) directly to OpenVPN connections? I will provide some details below on how my OpenVPN server/clients are currently set up now.

I have a functioning setup currently; it works great, but I would like to modify it slightly to improve its function.

Right now, I have a VPS running CentOS 6.5 and running a single instance OpenVPN server. I have 5 static IP addresses linked to the VPS, and I have used a combination of IPTABLES and the CLIENT-CONFIG-DIR to bind specific Common Names to specific internal IP addresses as follows:

User1 CCD file: ifconfig-push 10.8.2.1 10.8.2.2
User2 CCD file: ifconfig-push 10.8.3.1 10.8.3.2
User3 CCD file: ifconfig-push 10.8.4.1 10.8.4.2
etc.

Default server subnet is 10.8.0.0 but this is unused as I only connect with CCD-bound usernames.

Then, I use IPTABLES and 'forward':
10.8.2.0(*) to IP Address #1
10.8.3.0(*) to IP Address #2
10.8.4.0(*) to IP Address #3
etc.

I use password-less KEYS on the VMware Clients, which each have a copy of OpenVPN installed within their own Win 7 Operating Systems, and each Virtual Machine has its own username and key which I do not change. So for example, VMware Virtual Machine #1 will always use OpenVPN Username 1 and that username will be completely unused if that Virtual Machine is not running.

The end result is that each Virtual Machine has its own "dedicated IP address".

I'm not using topology subnet, mostly because I got it to work this way before I was able to comprehend how to use that type of topology. I'm open to changing it, but don't really know what benefit there would be at this time.

So why do I want to fix what ain't broke??
The issue with the current setup is that I don't want the VMs to be able to access the internet at all, under any circumstances, without properly tunneling through the OpenVPN connection. If I lose connectivity, I just want network traffic to come to a grinding halt until the OpenVPN connection is restored. In this way, it will most closely emulate an actual dedicated static IP from an ISP. There will be no "cross-contamination" of IP Addresses, no phantom connections occurring through my regular ISP's IP Address associated with network traffic from within the Virtual Machines.

I run 3 to 5 Virtual Machines at a time from the same Host.

So, if there was a way to set up the Virtual Machine to bind itself to a specific IP address or virtual network adapter (or something.. grasping at straws here) on the Host machine, so that the OpenVPN connection actually happened outside the Virtual Machines, perhaps I could accomplish what I'm looking for.

I'd rather avoid having to run batch files or software within each VM that would monitor for connection drops and slam the network traffic window closed.

Thanks for reading, and in advance for any ideas!

Spartachunk
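
An added example, not part of the original post: a check of the CCD `ifconfig-push` pairs described above against the /30 pairing that the default net30 topology requires for Windows clients, plus the per-client address mapping. The public addresses are placeholders from the documentation range, the function names are hypothetical, and reading the post's "forward" step as source NAT is an assumption.

```python
import ipaddress

# Constructed sample mirroring the CCD lines in the post (common name -> file body).
CCD = {
    "User1": "ifconfig-push 10.8.2.1 10.8.2.2",
    "User2": "ifconfig-push 10.8.3.1 10.8.3.2",
    "User3": "ifconfig-push 10.8.4.1 10.8.4.2",
}
# Placeholder public addresses (RFC 5737 documentation range), not from the post.
PUBLIC = {"User1": "203.0.113.11", "User2": "203.0.113.12", "User3": "203.0.113.13"}


def parse_push(body):
    """Return (client_ip, server_ip) from the ifconfig-push line of a CCD file."""
    for line in body.splitlines():
        words = line.split("#", 1)[0].split()
        if words[:1] == ["ifconfig-push"] and len(words) == 3:
            return ipaddress.IPv4Address(words[1]), ipaddress.IPv4Address(words[2])
    raise ValueError("no ifconfig-push directive found")


def net30_block(client, server):
    """Return the /30 holding both endpoints, or raise if the pair is invalid.

    With net30 topology and Windows (TAP) clients, the endpoints must be the
    two usable hosts of one /30: last octets 1/2, 5/6, 9/10, ...
    """
    block = ipaddress.ip_network(f"{client}/30", strict=False)
    if {client, server} != set(block.hosts()):
        raise ValueError(f"{client} {server} is not a usable /30 host pair")
    return block


def plan(ccd, public):
    """Validate every CCD entry and map each tunnel /30 to one public address."""
    seen, rules = [], []
    for cn, body in sorted(ccd.items()):
        block = net30_block(*parse_push(body))
        if any(block.overlaps(other) for other in seen):
            raise ValueError(f"{cn}: {block} overlaps another client's block")
        seen.append(block)
        # Assumption: the post's "forward" mapping is source NAT on the server.
        rules.append(f"iptables -t nat -A POSTROUTING -s {block} "
                     f"-j SNAT --to-source {public[cn]}")
    return rules


if __name__ == "__main__":
    print("\n".join(plan(CCD, PUBLIC)))
```
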
