| 1 |
On 12/23/2013 07:04 PM, Michael Orlitzky wrote: |
| 2 |
> |
| 3 |
> The not-simple solutions are probably going to involve reorganizing your |
| 4 |
> network a bit; having a workstation, web server, and VPN client all on |
| 5 |
> one box is giving you conflicting requirements. But maybe if you're |
| 6 |
> lucky, you have a static public IP address on the VPN. In that case you |
| 7 |
> can always access the website via the VPN address. |
| 8 |
|
| 9 |
The thing that you really want to enforce is that incoming packets "go |
| 10 |
out" over the same connection that they came in on. Ignoring the fact |
| 11 |
that the last sentence doesn't really make sense, it can be done for |
| 12 |
multiple (redundant) upstream providers: |
| 13 |
|
| 14 |
http://www.lartc.org/howto/lartc.rpdb.multiple-links.html |
| 15 |
|
| 16 |
However, the routing table in that scenario is fixed. I wouldn't bet on |
| 17 |
OpenVPN being able to add its routes without messing something up. |
Archives