4. IPSEC VPN Configuration, restrict access.

IPSEC VPN Configuration, restrict access.

  • T

    Hi

    I'm looking to setup an IPSEC VPN to allow my son remote access to home, but only to one device.

    My pfSense box is setup as:

    WAN
    LAN 192.168.100.x
    OPT1 10.10.100.x
    OPT2 Unused.

    The above is working fine.
    My son is setting up a NAS at home, that he can access when back at his dorm.

    Ideally I want the VPN to only have access to that NAS and no other devices on LAN or OPT1

    I'd thought about assigning 172.16.100.1 to OPT2 and 172.16.100.100 to the NAS
    Add a rule to OPT2 to stop OPT2 from accessing LAN and OPT1 and vis versa.

    When I setup the IPSEC VPN can I assign that a 172.16.100.x IP Address ?
    Can a rule be setup to only allow access from the VPN to 172.16.100.100 (NAS) ?

    I'd be grateful for any pointers doing this.

    Thanks

    0
  • J

    Its been a while and you likely already figured this out but What I would do is add rules to the firewall for IPSec, reducing the access to only the NAS box.  The SOURCE address would be LAN NET and the DESTINATION address would be "single host or alias", with the hostname or ip address of the NAS box.  Make sure to allow all protocols/ports to this device to keep the rule simple.

    John

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy