A small startup I work for has employees all over the world, including countries such as China where censoring is in place.
All these employees connect to the corporate network through OpenVPN which works great.
Now, I'd like the employees who are working abroad to stay connected to their friends and family even when in China.
Is there a way to route all YouTube, Facebook, Twitter, … traffic through the VPN without forcing the VPN to set itself as gateway for all hosts?
I could just route the IPs, similar to this (sample of the oVPN config):
route 192.168.200.0 255.255.255.0
route 192.168.110.0 255.255.255.0
route 192.168.22.0 255.255.255.0
However, it's pretty clear Youtube and sites alike use quite a lot of IPs, and adding a DNS (or a catch all, for subdomains, and external domains such as ytimg.com) would make it a lot easier.
As I have control over the DNS, perhaps forcing youtube.com to resolve to the VPN's IP, and forward from there on to the right host might be a solution ?
How can I best do this ?
Thanks,
Yeri
Best Answer
The easiest way would probably be to install a web proxy (Squid for example) on a server on your LAN, and that chinese employees set it up in the favorite browser : All their web traffic (Youtube, Twitter, ...) will go through the OpenVPN and then go out on the Internet with your IP in Belgium : no filter :-)