OpenVPN access to a single machine



  • Hi,

    I want to give my team remote access over VPN to a single NAS file server we have on premises. However, when I configure my VPN server and enter 192.168.15.200/32 (the local IP address of my NAS server) as the CIDR range for the "IPv4 local network", the server provides access to the entire 192.168.15.0/24 subnet instead of just the one machine I would like it to.

    I do not know if I am configuring my pfSense firewall incorrectly or if this is a bug. Maybe this use case is supposed to be handled using firewall rules instead of in the VPN server configuration. However, I'm a noob, so any help on how to do this will be greatly appreciated.


  • LAYER 8 Rebel Alliance

    You need to craft your Firewall Rules in the OpenVPN Tab.

    -Rico



  • You can define your OpenVPN users in such a way that they get the same IP address every time, and then use that IP address in a firewall rule on the OpenVPN tab to allow or block access to whatever you want. That way you can allow full access to employees through the VPN, but external contractors can only get to specific addresses that you allow.
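
An added example, not part of the thread and not pfSense code: a small model of the first-match rule evaluation on the OpenVPN tab, used to audit that a static tunnel IP reaches only the NAS. The tunnel network 10.8.0.0/24, the contractor address 10.8.0.50 and the employee address 10.8.0.20 are assumptions; the NAS and LAN addresses come from the first post.

```python
import ipaddress

NAS_HOST = "192.168.15.200"      # NAS address from the first post
LAN = "192.168.15.0/24"          # LAN subnet from the first post

# Constructed rule set: (action, source, destination), evaluated top-down.
# 10.8.0.0/24 and 10.8.0.50 are assumed tunnel addresses, not from the thread.
RULES = [
    ("pass",  "10.8.0.50/32", NAS_HOST + "/32"),  # contractor: NAS only
    ("block", "10.8.0.50/32", LAN),               # contractor: rest of the LAN
    ("pass",  "10.8.0.0/24",  LAN),               # employees: full LAN
]

# Same rules with the broad pass rule moved to the top: the contractor's
# address also lies in 10.8.0.0/24, so the restriction never takes effect.
MISORDERED = [RULES[2], RULES[0], RULES[1]]


def decide(rules, src, dst):
    """Return 'pass' or 'block'; first matching rule wins, no match is denied."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for action, src_net, dst_net in rules:
        if s in ipaddress.ip_network(src_net) and d in ipaddress.ip_network(dst_net):
            return action
    return "block"


def reachable_hosts(rules, src, subnet):
    """List every host address in subnet that src is allowed to reach."""
    return [str(h) for h in ipaddress.ip_network(subnet).hosts()
            if decide(rules, src, str(h)) == "pass"]


def audit_single_host(rules, src, subnet, allowed):
    """True only if src can reach exactly the one allowed host in subnet."""
    return reachable_hosts(rules, src, subnet) == [allowed]


if __name__ == "__main__":
    print("contractor:", reachable_hosts(RULES, "10.8.0.50", LAN))
    print("employee hosts:", len(reachable_hosts(RULES, "10.8.0.20", LAN)))
    print("misordered rules pass audit:",
          audit_single_host(MISORDERED, "10.8.0.50", LAN, NAS_HOST))
```
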



  • Sorry, it was an idiotic error on my part. I was using the wrong .ovpn file. Problem solved!

