If they are not using a global CDN, you can try and figure out the IP ranges of that "remote geoloc TV”, you can route only them over the VPN, that way both will work all the time. This could be fairly easy to do, just tell him to start the streaming and watch the connections on the router, after a few iterations you should have them all.
> On 13. May 2022, at 10:44, Jan Just Keijser <jan.just.keij...@gmail.com> > wrote: > > Hi, > > On 12/05/22 18:35, Bo Berglund wrote: >> On Thu, 12 May 2022 17:57:00 +0200, Gert Doering <g...@greenie.muc.de> wrote: >> >>> Hi, >>> >>> On Thu, May 12, 2022 at 12:00:13PM +0200, Bo Berglund wrote: >>>> Is there a way I can switch on/off access for a specific client server side >>>> "easily"? >>> Not really. Well, of course you can put a "disable" into the ccd, but >>> then it will receive an AUTH_FAIL and not retry. >>> >>>> If it is possible then I can script it server side and give him an URL to >>>> my >>>> home webserver to activate the switch ON/OFF. >>> ... what you could do: make that switch control the corresponding ccd/ file, >>> and have the "push 'redirect-gateway'" (and/or "push 'route...'") commands >>> in there. >>> >>> So the OpenVPN would always be "connected", but only if he wants to watch >>> "remote geoloc TV", he would receive pushed routes to send packets your >>> way... (and then you'd need to bump the session, as you cannot currently >>> change pushed routes in the middle of a session - well, strictly you can, >>> but this needs the management interface to trigger on the server, and the >>> behaviour is not exactly well-defined). >>> >> Thanks Gert, >> I guess it was an anticipated reply... >> >> The proper way is probably to be able to ssh into the router and issue some >> ovpn >> stop command at the proper place to disconnect the client. And of course the >> opposite to connect it. >> What is finally needed is for the tunnel to come down for local streaming >> and be >> up for remote streaming. > > > The problem is that once the VPN is down, there is no automated way for the > VPN server to bring it back up - for that you need an outside channel (like > SSH). > > Or, what you need for the tunnel is to NOT be the default route (for local > streaming) or to be the default route (for remote streaming). So what you > could try is to keep the tunnel up at all times and modify the routing table > - that can be done either by SSH'ing into the router over the tunnel, or to > flip between two CCD files and use the management interface (on the client > side) to restart the connection. > > HTH, > > JJK > > > > _______________________________________________ > Openvpn-users mailing list > Openvpn-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/openvpn-users
_______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
