OpenVPN – way to only push routes via OpenVPN under certain conditions

conditional openvpn routing

Abstract question:
In my OpenVPN client setup I'd like to set routes pushed by the server only under certain conditions.

Concrete situation:
I am using a laptop that, when I am at the office, connects to our company's infrastructure via its gateway. When I am out of the office, e.g. at a customer's site, I use a separate OpenVPN connection to reach our infrastructure. The twist here is that this OpenVPN connection is also used to connect to our customers, either when I am in the office or when I am on the road.

The routes to our customers' networks and our infrastructure's network get pushed every time I connect the OpenVPN client on my laptop. There is an application running in our datacenter which gets pretty confused by the second connection, and I would like it only to use the route via our office's gateway when I am in the office.

Question: Is there any option in OpenVPN to tell the client something like "if you have an IP address assigned like 10.0.0.X (office-site IP address), do NOT apply one specific route pushed from the server (the route that points to our infrastructure / datacenter)"?

All other routes should not be affected by the workaround / solution, and the route should be pushed when I am working from a customer's site or from my home office.
I cannot set up another connection that does not include the route to the datacenter, as the connection is used by co-workers too.

Research done so far: I already worked through the FAQs and manpages of OpenVPN, where I found solutions pointing to only route specific traffic or all traffic through the VPN, which is as good as setting up another connection.

Best Answer

You can use the directive route-noexec and manually set up the routing with up and down scripts on this specific client.

You should have all required information in environment variables, see section Environmental Variables in the manpage.
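
One way to implement what the answer describes, as an added example that is not part of the original answer: an up script that installs every pushed route from OpenVPN's route_* environment variables, except the datacenter route when the laptop holds an office address. The script path, the 192.0.2.0 datacenter network and the function names are assumptions made for illustration; 10.0.0.X is the office range from the question.

```shell
#!/bin/sh
# Added example. Assumed client config: script-security 2, route-noexec,
# up /etc/openvpn/conditional-routes.sh (hypothetical path).
OFFICE_PREFIX="${OFFICE_PREFIX:-10.0.0.}"  # office LAN, 10.0.0.X as in the question
DC_NETWORK="${DC_NETWORK:-192.0.2.0}"      # placeholder for the datacenter route

# Dotted netmask -> prefix length; fails on an octet no netmask can contain.
mask_to_prefix() {
    bits=0
    for octet in $(echo "$1" | tr . ' '); do
        case "$octet" in
            255) bits=$((bits + 8)) ;; 254) bits=$((bits + 7)) ;;
            252) bits=$((bits + 6)) ;; 248) bits=$((bits + 5)) ;;
            240) bits=$((bits + 4)) ;; 224) bits=$((bits + 3)) ;;
            192) bits=$((bits + 2)) ;; 128) bits=$((bits + 1)) ;;
            0) ;; *) return 1 ;;
        esac
    done
    echo "$bits"
}

# True if any address given as an argument lies in the office LAN.
on_office_lan() {
    for addr in "$@"; do
        case "$addr" in "$OFFICE_PREFIX"*) return 0 ;; esac
    done
    return 1
}

# Print "network/prefix gateway" for each pushed route that should be installed.
# $1 is "office" or "remote"; the route_* variables are set by OpenVPN.
plan_routes() {
    n=1
    while eval "net=\${route_network_$n:-}"; [ -n "$net" ]; do
        eval "mask=\${route_netmask_$n:-255.255.255.255}"
        eval "gw=\${route_gateway_$n:-\$route_vpn_gateway}"
        n=$((n + 1))
        if [ "$1" = office ] && [ "$net" = "$DC_NETWORK" ]; then continue; fi
        prefix=$(mask_to_prefix "$mask") || continue
        echo "$net/$prefix $gw"
    done
}

# Only act when OpenVPN runs this file as a script (it sets script_type and dev).
case "${script_type:-}" in up|route-up)
    addrs=$(ip -4 -o addr show | awk -v d="$dev" '$2 != d { sub("/.*", "", $4); print $4 }')
    if on_office_lan $addrs; then where=office; else where=remote; fi  # unquoted: split into args
    plan_routes "$where" | while read -r dest gw; do ip route add "$dest" via "$gw"; done ;;
esac
```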