> (in theory, I never had a chance to implement it) anycast hosting. same way > that CDP of most world CA. i.e. the same > network prefix being announced via multiple internet exchanges (IX).
How does one get this set up on the internet? I'm not familiar with CDP. > user will pick the closest server. Still the user needs to pick in that scenario? > (we use that for 5+ years) setup several servers, distribute several configs > to your users. people like to choose something (for example, this > is what people usually do in supermarket). it works. no issue for 5+ years. It would not provide a totally transparent solution and would not enable users to log on to the Windows domain with the VPN connection already open 'under water' in Windows. > there are things like https://github.com/OpenVPN/openvpn-gui/issues/77 > after it is implemented, you can connect to LAN before login (probably, even > using computer certificate) I think you mean Geantlink, that is mentioned in a link in that topic. I had a quick peek, found a lot of technical stuff and no documentation - specs look interesting but I did not immediately comprehend the exact role of this package. And would it be hard to distribute and implement? > first, we tried to block vpn connections from office (using dns). we got many > complaints "my vpn indicate it does not work!", so we installed > fake vpn instances, it works the same way as real one, but no routes are > distributed. people got redirected to it via firewall when they connect > > from office. it far from being perfect actually. Exactly the scenario I'd like to avoid without end users having to do the thinking. The level of end users we have is not to understand or give a thing about 'ip routing'. Having them doubleclick the OpenVPN GUI icon is asking too much already for some. > experience is very simple: put it to production. hear to your users. fix > things they are not happy about. iterate. My modus operandi exactly, but I'd like to give it some more thought first before putting stuff to production. Best regards, Theo Fokkema Digital Plumber ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
