I want to setup a VPN server that puts each user into a different VLAN.
I've got a network with about 200 users in which each user is in a separate VLAN with his own /27-IPv4 network. Which user belongs into which VLAN is determined by an LDAP server which also provides authentication. I've got a Freeradius server as well which cloud do authentication. I've got a REST-Api for getting the VLAN id for a given username, if that helps. A single DHCP server runs for all users.
I want to create a VPN server that allows every user to login from the internet. The user should then be put into his VLAN and (hopefully without further configuration) get an IP address within his own /27-network from the DHCP server.
My router, VPN, LDAP/Freeradius, and DHCP run each on separate Debian virtual machines.
I've tried to solve this with an OpenVPN server but failed so far to map users to VLANs. (afaik I can only configure a single server-side interface)
How can I achieve this?
Bonus question: Would it be different for IPv6?