4. Block user in vpn dial in to access other lan

Block user in vpn dial in to access other lan

  • C

    Hi all, my situation:

    i have more lan (one each customer).

    Can i get access in vpn dial in with openvpn to (example) at Marc in his lan but hi don't see other lan?

    …. bad english?? YEH!

    marc can access with openvpn dial in at his lan
    joe can access with openvpn dial in at his lan,

    but marc cannot access in joe lan and also joe cannot access in marc lan.

    Tnx so much!!

    0
  • V

    To implement your intention the VPN users have to get definite IPs from your VPN server. Then these IPs can be used in firewall rules to permit clients accessing specific destinations.

    You can reach this by running different OpenVPN servers with separate tunnel IP pools for each customer / security group or by pushing a definite IP to each client using "Client specific overrides".
    For both ways certificate based authentication is required!

    If you want to setup multiple OVPN servers you have to add a separate CA for each at first. Server and user get their certs from this CA, so only users who have the correct cert may connect to this server.

    If using client specific overrides look here for explanation: http://fastinetserver.wordpress.com/2013/03/09/pfsense-openvpn-static-ip-for-clients/

    0
  • C

    many thanx viragomann, now i try to do it, i hope to have success.

    Can i ask you other in future?

    For me, this features is very important

    Regards

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy