From 3f512438702c3efa267aaef2be5ea43ff55b7277 Mon Sep 17 00:00:00 2001
From: Fulvio Galeazzi <fulvio.galeazzi@garr.it>
Date: Fri, 27 Mar 2020 22:16:49 +0000
Subject: [PATCH] 2020-03-27:  FG;  Avoid redirecting all client traffic
 through VPN, leave client default gateway as is.

---
 group_vars/openvpn | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/group_vars/openvpn b/group_vars/openvpn
index 25e43a5..61986d2 100644
--- a/group_vars/openvpn
+++ b/group_vars/openvpn
@@ -13,10 +13,12 @@ fwrules:
 #
 pushtoclient:
   - {param: "route", value: "{{ lannetwork }} {{ lannetmask }}"}
-  - {param: "redirect-gateway", value: "def1 bypass-dhcp"}
   - {param: "dhcp-option", value: "DNS 208.67.222.222"}
   - {param: "dhcp-option", value: "DNS 208.67.220.220"}
 
+# Should you prefer to redirect ALL client traffic through VPN, add this
+#  - {param: "redirect-gateway", value: "def1 bypass-dhcp"}
+
 
 clientconfig:
   cfghome:   /home/ubuntu/client-configs
-- 
GitLab