"Client-to-client" for dedicated clients only…
-
I have successfully set up 2 OpenVPN servers on a pfsense 1.2.3-RELEASE. 16 clients are connecting, and communication works well both ways.
Now, 1 of the clients should be granted access to communicate directly with other clients… I have tried to limit access with firewall rules and the "Client-to-client VPN" option enabled, but it seems like the "Client-to-client VPN" option overrules the firewall rules? My firewall only works for limiting VPN clients' access to physical interfaces, not VPN IP pools.
Any clever ways to achieve this goal?
-
Am I really so bad at explaining my issue that no one understands what I'm talking about, or does nobody have the need to grant only a few users access to other clients?
All clients to all clients = OK.
No clients to no clients = OK.
Some clients to some clients = my problem. Somebody must have been in my boat before?
-
Make a separate OpenVPN server instance for the higher tier user, and allow access via firewall rules.
http://doc.pfsense.org/index.php/OpenVPN_Traffic_Filtering_on_1.2.3
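The layout suggested above, sketched as raw OpenVPN server directives (an added example, not part of the original post; the subnets, ports and instance labels are assumptions, and on pfSense the same settings are entered through the OpenVPN server pages). With `client-to-client` left off in both instances, OpenVPN does not forward packets between clients internally, so traffic between the two pools is routed by the firewall host and can be matched by its rules.

```conf
# ---- Instance A: ordinary clients (assumed pool 10.8.0.0/24) ----
port 1194
proto udp
dev tun
server 10.8.0.0 255.255.255.0
# Leave client-to-client disabled: when enabled, OpenVPN relays
# client-to-client packets inside its own process and the host
# firewall never sees them.
;client-to-client
# Ordinary clients need a return route to the privileged pool,
# otherwise replies to the privileged client are not sent into the tunnel.
push "route 10.9.0.0 255.255.255.0"

# ---- Instance B: the privileged client (assumed pool 10.9.0.0/24) ----
port 1195
proto udp
dev tun
server 10.9.0.0 255.255.255.0
;client-to-client
# Route to the ordinary pool so the privileged client can reach it.
push "route 10.8.0.0 255.255.255.0"

# Firewall side (see the linked traffic-filtering page):
#   allow  source 10.9.0.0/24  ->  destination 10.8.0.0/24
#   block  source 10.8.0.0/24  ->  destination 10.8.0.0/24 and 10.9.0.0/24
#          for new connections, so ordinary clients cannot initiate
#          traffic to each other or to the privileged client.
```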
-
Yeah? Very sparse on details, I'll have to start guessing my way. At least, by your reply I know it's probably possible. Thank you.