Split Tunneling based on domain name possible?

Michael Herzhauser michael.herzhauser at innovate-gmbh.de
Tue Jun 6 01:09:20 PDT 2023


Hello, 

I've setup Ocserv in my corporate network with split tunneling and it's
working good so far.
However some of my colleagues in home office need to connect to some cloud
servers of 
our customers, which implement IP whitelisting to our company's public IP. 
Due to split tunneling, requests to these cloud servers are not routed via
VPN but the normal
internet connection and the connection gets blocked.

Therefore I'd like to add a route based on the domain name of these servers 
(public IPs of these servers are dynamically assigned and change
frequently), but didn't find 
any information about that. All the examples in the config file only use IP
addresses.

Is it even possible? And if so, any info on syntax (e.g wildcards for
subdomains) would be great to have.
Otherwise I'd have to convert to "tunnel all", which I'm trying to avoid.

Thanks in advance
Michael Herzhauser




More information about the openconnect-devel mailing list