Re: [Openvpn-users] Select nearest OpenVPN server / shared userbase / Only connect if away from home

Tue, 03 Oct 2017 05:04:54 -0700 

Theo Fokkema schreef op 03-10-2017 13:40:
AirVPN uses its own tool they call "Eddie" which will do latency tests and connect to a recommended server, but which will also allow you to 
manually choose one.


I guess there is a 'market' for an open tool that does the same for
corporate networks then.



You can also let the 'fake' VPN server just not give out any routes to 
the company network, which you can do with a client-config-script.
At that point the VPN is only used for the VPN, but if your VPN 
clients normally only use the VPN to get to the normal company network 
(ie. you > don't stay on the VPN with your data) then connecting to 
the VPN (with no default route) does no damage.


It would still lead to IP address depletion (we mostly use /24 subnets
with DHCP configured to have a pool of 150 IP addresses available, in
our larger offices we might have more than 75 users connected
simultaneously).



I could of course work around that by making the VPN
a different routed (or not routed at all, if I read you correctly)
subnet, but would prefer to stick with bridging for now.


Oh yes apologies, I have no experience with bridged VPN.


I assumed you put them on an entirely different subnet and then routed 
to the main ones.



I guess doing routed requires you to employ routes to the VPN 
everywhere, but the benefit is that you can distinguish pool users 
easier.



But it looks like we can't have it all, for now...


The only choice then it to prevent them from connecting.

Or like the other person said...


You give them a routed different subnet address when in the office that 
is then not used. He said it was far from ideal?


Personally I think routed is better but that's just me.

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users























					Reply via email to