Hi,
On 12/05/22 18:35, Bo Berglund wrote:
On Thu, 12 May 2022 17:57:00 +0200, Gert Doering <g...@greenie.muc.de> wrote:
Hi,
On Thu, May 12, 2022 at 12:00:13PM +0200, Bo Berglund wrote:
Is there a way I can switch on/off access for a specific client server side
"easily"?
Not really. Well, of course you can put a "disable" into the ccd, but
then it will receive an AUTH_FAIL and not retry.
If it is possible then I can script it server side and give him an URL to my
home webserver to activate the switch ON/OFF.
... what you could do: make that switch control the corresponding ccd/ file,
and have the "push 'redirect-gateway'" (and/or "push 'route...'") commands
in there.
So the OpenVPN would always be "connected", but only if he wants to watch
"remote geoloc TV", he would receive pushed routes to send packets your
way... (and then you'd need to bump the session, as you cannot currently
change pushed routes in the middle of a session - well, strictly you can,
but this needs the management interface to trigger on the server, and the
behaviour is not exactly well-defined).
Thanks Gert,
I guess it was an anticipated reply...
The proper way is probably to be able to ssh into the router and issue some ovpn
stop command at the proper place to disconnect the client. And of course the
opposite to connect it.
What is finally needed is for the tunnel to come down for local streaming and be
up for remote streaming.
The problem is that once the VPN is down, there isĀ no automated way for
the VPN server to bring it back up - for that you need an outside
channel (like SSH).
Or, what you need for the tunnel is to NOT be the default route (for
local streaming) or to be the default route (for remote streaming). So
what you could try is to keep the tunnel up at all times and modify the
routing table - that can be done either by SSH'ing into the router over
the tunnel, or to flip between two CCD files and use the management
interface (on the client side) to restart the connection.
HTH,
JJK
_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users
