So far as I know, no one has ever invented a hardware "switch" or a hardware "router" that knew what a "logged-in user" was.
Therefore, I have no idea how OpenVPN (or any other VPN solution) would be able to do such a thing.
Duly acknowledging your statement that "I had this setting a while ago," I, too, have no idea how it was done.
OpenVPN in "bridge" mode acts as a hardware switch, while in "routed" mode it acts as a hardware router. Even though none of the IP-address ranges actually correspond to physical hardware, nothing in the software world is capable of detecting this illusion: from their perspective, "it is real."
"User identities" are nowhere in this picture . . .
|