Theo Fokkema schreef op 03-10-2017 13:40:
AirVPN uses its own tool they call "Eddie" which will do latency tests
and connect to a recommended server, but which will also allow you to
manually choose one.
I guess there is a 'market' for an open tool that does the same for
corporate networks then.
You can also let the 'fake' VPN server just not give out any routes to
the company network, which you can do with a client-config-script.
At that point the VPN is only used for the VPN, but if your VPN
clients normally only use the VPN to get to the normal company network
(ie. you > don't stay on the VPN with your data) then connecting to
the VPN (with no default route) does no damage.
It would still lead to IP address depletion (we mostly use /24 subnets
with DHCP configured to have a pool of 150 IP addresses available, in
our larger offices we might have more than 75 users connected
simultaneously).
I could of course work around that by making the VPN
a different routed (or not routed at all, if I read you correctly)
subnet, but would prefer to stick with bridging for now.
Oh yes apologies, I have no experience with bridged VPN.
I assumed you put them on an entirely different subnet and then routed
to the main ones.
I guess doing routed requires you to employ routes to the VPN
everywhere, but the benefit is that you can distinguish pool users
easier.
But it looks like we can't have it all, for now...
The only choice then it to prevent them from connecting.
Or like the other person said...
You give them a routed different subnet address when in the office that
is then not used. He said it was far from ideal?
Personally I think routed is better but that's just me.
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users