1. Home
  2. pfSense® Software
  3. IPsec
  4. IPSEC VPN Configuration, restrict access.

IPSEC VPN Configuration, restrict access.

  • T

    Hi

    I'm looking to setup an IPSEC VPN to allow my son remote access to home, but only to one device.

    My pfSense box is setup as:

    WAN
    LAN 192.168.100.x
    OPT1 10.10.100.x
    OPT2 Unused.

    The above is working fine.
    My son is setting up a NAS at home, that he can access when back at his dorm.

    Ideally I want the VPN to only have access to that NAS and no other devices on LAN or OPT1

    I'd thought about assigning 172.16.100.1 to OPT2 and 172.16.100.100 to the NAS
    Add a rule to OPT2 to stop OPT2 from accessing LAN and OPT1 and vis versa.

    When I setup the IPSEC VPN can I assign that a 172.16.100.x IP Address ?
    Can a rule be setup to only allow access from the VPN to 172.16.100.100 (NAS) ?

    I'd be grateful for any pointers doing this.

    Thanks

    0
  • J

    Its been a while and you likely already figured this out but What I would do is add rules to the firewall for IPSec, reducing the access to only the NAS box.  The SOURCE address would be LAN NET and the DESTINATION address would be "single host or alias", with the hostname or ip address of the NAS box.  Make sure to allow all protocols/ports to this device to keep the rule simple.

    John

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy