...
| Info |
|---|
You DO NOT need to restart the openvpn server after adding client configs. Each time a client connects openvpn will check for a corresponding (named) file in the ccd folder. |
Enabling split-tunnel for a specific client
If you've setup your openvpn server to route all client traffic through the tunnel, you might want a specific client to ignore this and only use the tunnel for connections to other machines on the VPN.
An example for this might be when using an VPN connection to securely connect machines together for node_exporter monitoring (Prometheus) as alluded to in Create a persistent SSH tunnel between servers with systemd (a VPN is an alternative to that article and the preferred approach).
To ignore the server's redirect-gateway directive, add the following to the client's ovpn config file:
| Code Block |
|---|
--pull-filter ignore redirect-gateway |
| Info |
|---|
Note this requires at least openvpn version 2.4. For older versions see here. |
Overriding DNS settings for server in client configutation
...
| Code Block |
|---|
sudo systemctl enable openvpn-reconnect |
Recovering after an accidental ./clean-all
| Status | ||||
|---|---|---|---|---|
|
Using port 443 for OpenVPN & other applications (like a webserver)
...
- https://www.digitalocean.com/community/tutorials/how-to-set-up-an-openvpn-server-on-ubuntu-16-04
- https://community.openvpn.net/openvpn/wiki/IgnoreRedirectGateway
Related articles
| Content by Label | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
...