best way to give clients different route settings?

[onineko]

Good day!

i'm trying to find the best way, to give one client different route-info from the others. without having to change anything for the existing users, if possible, because that would be quite troublesome =)

here the server.conf

Code: Select all

port 1194
proto udp
dev tun
ca keys/blub/ca.crt
cert keys/blub/drip.crt
key keys/blub/drip.key
dh keys/blub/dh2048.pem
server 192.168.4.0 255.255.255.0
crl-verify keys/blub/crl.pem
ifconfig-pool-persist servers/drip/logs/ipp.txt
cipher DES-EDE-CBC
user nobody
group nogroup
status servers/drip/logs/openvpn-status.log
log-append servers/drip/logs/openvpn.log
verb 2
mute 0
local <the WAN-IP>
management 127.0.0.1 11000
keepalive 10 120
client-config-dir /etc/openvpn/servers/drip/ccd
tls-server
comp-lzo
persist-key
persist-tun
ccd-exclusive
route-up "route delete -net 192.168.4.0/24"
route-up "route add -net 192.168.4.0/24 tun0"
push "dhcp-option DOMAIN drop.blub.de"
push "dhcp-option DNS 192.168.20.253"
push "dhcp-option WINS 192.168.20.200"
push "route 192.168.4.1"
push "route 192.168.3.0 255.255.255.0"
push "route 192.168.10.0 255.255.255.0"
push "route 192.168.20.0 255.255.255.0"
push "route 192.168.5.0 255.255.255.0"
push "route 192.168.14.0 255.255.255.0"
push "route 192.168.12.0 255.255.255.0"
push "route 192.168.13.0 255.255.255.0"
push "route 192.168.0.0 mask 255.255.255.0 192.168.20.254"

yeah, the normal clients get a lot of routes, and unfortunately they need them. the new client i want to create should get only one route because it should go only into one of the nets.
what would be the best way to do this?

best regards
onineko

[janjust]

add a client config file for this single client; the CCD file should contain something like

Code: Select all

push-reset
push "route <the-network> <netmask>"

[onineko]

thank you very much! i'll try that!

bye
onineko