Results 1 to 2 of 2
  1. #1
    Newbie
    Join Date
    Nov 2018
    Posts
    4

    Default Restrict VPN access to a single device

    I apologize if this is not exactly the right area to post this- it could be a firewall question I suppose.

    At any rate we need to restrict all OpenVPN users to a specific device on the LAN. They will only be allowed to access that one device (which will have a static IP address assigned).

    I know we have to use network filter rules to accomplish this. But what I need is an example of what such a rule would look like. I've searched the documentation and found this:
    support.untangle.com/hc/en-us/articles/216286288-Restrict-VPN-Access-Using-Filter-Rules
    But it's exactly the opposite of what we need to accomplish. That example denies access to a single device while leaving the rest of the network available. I need access to only one device while denying access to the rest of the network.

    Let's say, purely for discussion, that the LAN is 192.168.1.0/24. The OpenVPN network is 172.16.134.0/24. The one device they need access to is at 192.168.1.10. No other internal resources will be accessed- not even DNS.

    How should I create the network filter rule for that to happen?

    Thanks!

  2. #2
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Sunnyvale, CA
    Posts
    9,196

    Default

    I would just use Network Filter in http://<lan ip>/admin/index.do#config/network/filter-rules

    1st rule
    Source Interface = OpenVPN
    Destination = <LAN IP of allowed PC>
    Action Pass

    2nd rule
    Source Interface = OpenVPN
    Action BLock
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2