I wish to run two VPN servers, which this software allows (via ports). I have generated a separate set of ca's and server keys for each, with respective client keys for clients in the two sets of users who will connect to the relevant VPN server. Everything is working so far.
What I want is:
For VPN1 to redirect the client's internet BUT DISALLOW access to the LAN local to the VPN server.
For VPN2 to redirect the client's internet AND allow access to the LAN local to the VPN server.
Is this possible with OpenVPN, or do I have to configure something elsewhere on the router? Sample server config follows for VPN1, VPN2 has push "route 10.10.0.0 255.255.0.0" extra.
# Automatically generated configuration
server 10.8.0.0 255.255.255.0
keepalive 15 60
push "dhcp-option DOMAIN sample.com"
push "dhcp-option DNS 10.10.0.1"
push "redirect-gateway def1"
tls-auth static.key 0
# Custom Configuration
keepalive 50 120