  1. #1
    Newbie
    Join Date
    Oct 2010
    Posts
    7

    Trouble blocking VPN users from accessing my LAN

    Greetings!

    I'm having some issues with creating firewall rules to prevent VPN'd users from accessing parts of my LAN, and I'm hoping someone is able to help.

    I have OpenVPN installed and set up to provide 17.16.0.0/24 addresses to my VPN'd clients. My LAN is 10.0.0.0/8. My clients need access to exactly two IPs on my network:

    - My internal DNS (let's call it 10.0.0.10) so the domain of my webserver resolves, and
    - My webserver (let's call it 10.0.0.20)

    Other than that, I want everything else to be inaccessible.

    None of what I have tried so far has worked.

    Any help would be much appreciated.

    Thanks in advance,
    Jay

  2. #2
    Untangle Ninja
    WebFooL
    Join Date
    Jan 2009
    Location
    Sweden (Eskilstuna)
    Posts
    5,050

    Hi AC-Jay,

    Are you running "Full-tunnel"?

    Otherwise I would say the easiest would be to just export:
    10.0.0.10/32
    10.0.0.20/32

    And then create a Firewall rule that says:
    Src 172.16.0.0/24
    Des 10.0.0.10,10.0.0.20
    Port 53,80
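
The rule set discussed in this thread, modelled as an added example (not code from either poster or from Untangle): two pass rules followed by an explicit block for the rest of 10.0.0.0/8, going slightly beyond the reply by pairing each host with its own port. Assumptions: rules are evaluated top-down with first match winning, unmatched traffic is passed by default, and the `Rule`, `build_rules`, `evaluate` and `audit` names and the sample flows are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    action: str        # "pass" or "block"
    src: str           # source network (CIDR)
    dst: str           # destination network (CIDR)
    ports: frozenset   # empty set = any port
    protos: frozenset  # empty set = any protocol

    def matches(self, src, dst, proto, port):
        return (ipaddress.ip_address(src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(dst) in ipaddress.ip_network(self.dst)
                and (not self.ports or port in self.ports)
                and (not self.protos or proto in self.protos))

def build_rules(vpn_pool):
    """Ordered list: two narrow pass rules, then a block for the rest of the LAN."""
    return [
        Rule("pass", vpn_pool, "10.0.0.10/32", frozenset({53}), frozenset({"udp", "tcp"})),
        Rule("pass", vpn_pool, "10.0.0.20/32", frozenset({80}), frozenset({"tcp"})),
        Rule("block", vpn_pool, "10.0.0.0/8", frozenset(), frozenset()),
    ]

def evaluate(rules, src, dst, proto, port, default="pass"):
    """First matching rule wins; unmatched traffic gets the default (assumed: pass)."""
    for rule in rules:
        if rule.matches(src, dst, proto, port):
            return rule.action
    return default

def audit(rules, flows):
    """Return (flow, verdict) pairs so a rule set can be checked before deployment."""
    return [(flow, evaluate(rules, *flow)) for flow in flows]

# Constructed sample flows: (client, destination, protocol, port)
SAMPLE_FLOWS = [
    ("172.16.0.5", "10.0.0.10", "udp", 53),   # DNS lookup
    ("172.16.0.5", "10.0.0.20", "tcp", 80),   # web server
    ("172.16.0.5", "10.0.0.20", "tcp", 22),   # wrong port on an allowed host
    ("172.16.0.5", "10.0.0.10", "tcp", 80),   # HTTP to the DNS host
    ("172.16.0.5", "10.0.0.99", "tcp", 445),  # any other LAN host
]

if __name__ == "__main__":
    for flow, verdict in audit(build_rules("172.16.0.0/24"), SAMPLE_FLOWS):
        print(verdict, flow)
```

The source network in the rules has to be the pool OpenVPN actually hands out: a client from a pool the rules do not name matches nothing and falls through to the default action.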
