Now, however, I want to let other users connect, but I only want them to be able to get access to a specific host on my LAN.
Preferably by DNS name.
How to configure this?
I understand that it could be done using separate IP ranges and some sort of firewall setup. But how do I achieve this?
Is there a better / simpler way?
My server conf:
```
port 1194
proto udp
dev tun1
ca /mnt/openvpn/keys/ca.crt
cert /mnt/openvpn/keys/openvpn-server.crt
key /mnt/openvpn/keys/openvpn-server.key
dh /mnt/openvpn/keys/dh1024.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "route 192.168.1.0 255.255.255.0"
route 192.168.1.70 255.255.255.0 10.8.0.1
keepalive 10 120
group nobody
user nobody
comp-lzo
persist-key
persist-tun
verb 3
```
```
client
dev tun
proto udp
remote MY.IP.GOES.HERE 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert myfirstname.mylastname.crt
key myfirstname.mylastname.key
ns-cert-type server
comp-lzo
verb 0
dhcp-option DNS 192.168.1.1
```
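The "separate IP ranges plus firewall" approach mentioned in the question, as an added example that is not part of the original post: restricted users get fixed tunnel addresses in a second range through `client-config-dir`, and forwarding rules on the VPN server admit that range only to one host and to the DNS server. The range 10.8.1.0/24, the `ccd` directory, the choice of 192.168.1.70 as the permitted host and the function names are assumptions; the script only prints the pieces and applies nothing.

```shell
#!/bin/sh
# Added example, not from the original post. Prints config and rules only.
VPN_IF="tun1"                   # from the posted server conf (dev tun1)
DNS_SERVER="192.168.1.1"        # from the posted client conf (dhcp-option DNS)
ALLOWED_HOST="192.168.1.70"     # assumption: the single LAN host to expose
RESTRICTED_NET="10.8.1.0"       # assumption: second range, restricted users only
RESTRICTED_MASK="255.255.255.0"
RESTRICTED_CIDR="$RESTRICTED_NET/24"

# Lines to add to the server conf: enable per-client files and route the
# second range into the tunnel. Existing users stay in 10.8.0.0/24.
server_lines() {
    echo "client-config-dir ccd"
    echo "route $RESTRICTED_NET $RESTRICTED_MASK"
}

# Contents of ccd/<certificate common name> for one restricted user.
# $1 and $2 are the client and server-side tunnel endpoints, a /30 pair
# under the default net30 topology (10.8.1.1 10.8.1.2, 10.8.1.5 10.8.1.6, ...).
ccd_entry() {
    echo "ifconfig-push $1 $2"
}

# Forwarding rules for the VPN server. The pushed LAN route is only a routing
# hint to the client; these rules are what enforce the restriction. They cover
# forwarded traffic only, not services on the VPN server itself (INPUT chain).
fw_rules() {
    pre="iptables -A FORWARD -i $VPN_IF -s $RESTRICTED_CIDR"
    echo "$pre -d $ALLOWED_HOST -j ACCEPT"
    echo "$pre -d $DNS_SERVER -p udp --dport 53 -j ACCEPT"   # name lookups
    echo "$pre -d $DNS_SERVER -p tcp --dport 53 -j ACCEPT"
    echo "$pre -j DROP"                                      # everything else
}

echo "# --- add to server conf ---";            server_lines
echo "# --- ccd/<client common name> ---";      ccd_entry 10.8.1.1 10.8.1.2
echo "# --- run as root on the VPN server ---"; fw_rules
```

The rules match on the source address, so the restriction holds only if each restricted certificate has its own `ccd` file; a client without one is assigned an address from the unrestricted 10.8.0.0/24 pool.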