Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Restricting VPN user to accessing only a single ip

    Scheduled Pinned Locked Moved OpenVPN
    2 Posts 2 Posters 1.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B Offline
      bossman42
      last edited by

      I am new to firewalls and pfsense and I am wondering if it is possible to restrict a VPN user to only accessing a single ip address on the network. So they would only be able to access one computer instead of the whole network.
      If so then how?

      1 Reply Last reply Reply Quote 0
      • V Offline
        viragomann
        last edited by

        Off course this is possible. pfSense is a firewall, that's its primary job.

        How to do depends on whether you want to restrict access to a particular user or to all vpn users.
        If all users should be restricted modify the default allow any to any rule on OpenVPN interface (assuming you have used the wizard for setup) and change the destination to "single host or alias" and enter the host you want to permit access to the vpn users.

        If you want to restrict only certain users you have to configure client specific overrides at first to assign static IPs to these users and then use these IPs as source in the firewall rules.

        1 Reply Last reply Reply Quote 1
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.