On Thu, Jul 9, 2015 at 7:45 AM, Jan Just Keijser <janj...@nikhef.nl> wrote:

> as usual, Gert is right :(
> I've added an explicit /32 route to the OpenVPN server via DHCP, which
> Windows picks up, including the right LAN GW address *BUT* it associates
> it with the VPN interface, not the regular LAN interface. Thus you end
> up with a "bite your own tail" route and the VPN collapses.
>
> So I guess the only thing this DHCP-trick is useful for is if you're not
> redirecting all traffic - in that case you can run openvpn in
> non-privileged mode and set a bunch of routes to go over the VPN, just
> not the default route.
>
> @Selva: my current patch contains hardcoded addresses and is just a
> proof-of-concept. I cannot share the executable with you.
>

No problem, the fact that the route would apply only to the particular
interface is a major disappointment. Kind of obvious once Gert pointed it
out, though :)

I suppose, going forward, replacing the service by nssm is the best option
for those of us using the mgmt-interface to control the process as
a non-admin user.

Thanks,

Selva
