Deny access for VPN users

AlSpring · 08-23-2018, 06:00 AM

Hi guys!
The users connect to the network 192.168.1.0/24 from others locations through the VPN by getting the addresses 192.168.200.0/24. I want to allow all VPN users access just for ip 192.168.1.50 (connection via smb to file server). For everything else, access is denied (including access to devices through the browser). Can you help me to do it?

TenTenths · 08-23-2018, 10:02 AM

Nobody can give you anything more than vague help you because you've provided no useful information.

For example you do not specify how your VPN is designed, whether it's terminating on a VPN device, a firewall, or if you're using something internal to your network such as having it terminate on a linux server.

The vague answer is "configure your firewalls properly", "configure your VPN termination point properly", or use IP Tables rules on all the individual machines in 192.168.1.0/24 to reject incoming connections from 192.168.200.0/24.

AlSpring · 08-23-2018, 10:43 AM

Thank you for a reply!
The VPN (OpenVPN) server is configured on the router that gives the network 192.168.1.0/24 by DHCP. Users connect to the VPN server (not from 192.168.1.0/24) by getting an ip address 192.168.200.0/24 and have access to the network 192.168.1.0/24.