Per client routing

This forum is for admins who are looking to build or expand their OpenVPN setup.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
greenfreq
OpenVpn Newbie
Posts: 4
Joined: Wed May 04, 2022 9:43 pm

Per client routing

Post by greenfreq » Wed May 04, 2022 9:57 pm

Is it possible to specify full routing for some clients while leaving the other clients in half-routes.

Example:

ClientAlpha and Client Bravo are connected to the same server, ServerAlpha.

ClientBravo needs to have all of its network traffic routed through the VPN.
ClientAlpha only needs VPN network traffic to be routed via the VPN.

Can you specify a specific client to receive the push "redirect-gateway def1"?

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: Per client routing

Post by TinCanTech » Thu May 05, 2022 9:58 am

It's all in the howto.

greenfreq
OpenVpn Newbie
Posts: 4
Joined: Wed May 04, 2022 9:43 pm

Re: Per client routing

Post by greenfreq » Thu May 05, 2022 8:56 pm

Thank you for the reply.
I am having difficulty translating what is in the HowTo @ https://openvpn.net/community-resources ... s-policies with assigning the full route functionality to a specific client.

Am I looking at the wrong area of the HowTo?

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: Per client routing

Post by TinCanTech » Thu May 05, 2022 9:40 pm

Try this version.

greenfreq
OpenVpn Newbie
Posts: 4
Joined: Wed May 04, 2022 9:43 pm

Re: Per client routing

Post by greenfreq » Thu May 05, 2022 10:10 pm

Haha, are you trolling me? Those are the same thing with different looks.

The issue I am having is understanding how I inform openvpn that a client should use X config over Y config.

User avatar
openvpn_inc
OpenVPN Inc.
Posts: 1333
Joined: Tue Feb 16, 2021 10:41 am

Re: Per client routing

Post by openvpn_inc » Mon May 09, 2022 1:05 am

Hi green,

See --client-config-dir in the manual.

Access Server makes things like this much easier, if you are interested in that. If so please follow up in the Access Server subforum. (The free/gratis version of Access Server is limited to 2 concurrent connections.)

regards, rob0
Image OpenVPN Inc.
Answers provided by OpenVPN Inc. staff members here are provided on a voluntary best-effort basis, and no rights can be claimed on the basis of answers posted in this public forum. If you wish to get official support from OpenVPN Inc. please use the official support ticket system: https://openvpn.net/support

greenfreq
OpenVpn Newbie
Posts: 4
Joined: Wed May 04, 2022 9:43 pm

Re: Per client routing

Post by greenfreq » Mon May 16, 2022 9:40 pm

There it is... directory must be the same name as the x509 CN. Of course, it appears that I will have to set up routes to allow traffic between clients using these configs instead of using the client-to-client directive, and then adding additional routing for those clients that need it. But it's a step forward for me.

Thanks for the assistance.

Post Reply