OpenVPN Server to VLAN rule
-
I'd like to give access to a particular VLAN (VLAN 10, 192.168.10.0/24) from connections on the OpenVPN server (10.0.8.0/24).
I have the default rule as attached below. Shouldn't that be enough for communication to the VLAN? Yet it does not work.
EDIT: I just realized that there's an "IPv4 Local network" allowable networks field in the server configuration. Is that it?
![Screen Shot 2018-02-02 at 12.22.30 PM.png](/public/imported_attachments/1/Screen Shot 2018-02-02 at 12.22.30 PM.png)
-
> EDIT: I just realized that there's an "IPv4 Local network" allowable networks field in the server configuration. Is that it?

Yes, you have to enter the VLAN 10 network, 192.168.10.0/24, into the "IPv4 Local network" box.
However, this field is not for allowing access; it's just for pushing routes for the networks entered to the client. To block access from VPN clients to other networks, you should restrict the firewall rule on the OpenVPN interface to allow access only to VLAN10.
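
The two settings discussed above, written out as an added illustration that is not taken from either post: the route push is shown as the equivalent OpenVPN server directive and the firewall rule in plain pf syntax. The interface name `ovpns1` and the pass-everything form of the default rule are assumptions; pfSense builds its own ruleset from the GUI, so the lines it generates will differ in detail.

```conf
# --- OpenVPN server side (what "IPv4 Local network" = 192.168.10.0/24 amounts to) ---
# Tunnel network handed out to VPN clients.
server 10.0.8.0 255.255.255.0
# Tells each client to send traffic for VLAN 10 through the tunnel.
# This is routing information only; it permits nothing by itself.
push "route 192.168.10.0 255.255.255.0"

# --- Firewall rule on the OpenVPN interface (pf syntax, ovpns1 is an assumed name) ---
# Broad rule (assumed form of the default): any VPN client can reach any network
# the firewall routes to, whether or not a route for it was pushed.
#   pass in quick on ovpns1 inet from any to any
#
# Restricted rule: VPN clients may reach VLAN 10 only.
pass in quick on ovpns1 inet from 10.0.8.0/24 to 192.168.10.0/24
# Anything else arriving from the tunnel matches no pass rule and is dropped by the
# default deny; the explicit block below only makes that visible in the ruleset.
block in quick on ovpns1 inet from 10.0.8.0/24 to any
```

A client can add its own routes regardless of what the server pushes, which is why the restriction has to be enforced by the firewall rule and not by the "IPv4 Local network" field.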