i have an openvpn server in a network with LAN devices.
i currently use the FORWARD option in iptables to authorize some LAN devices for VPN clients and deny others.
(FORWARD default is DROP).
i want now to provide internet access for VPN clients.
my problem is that i have to forward all trafic so it can join internet gateway.
even if i forward only the necessary ports (50,80,443), VPN clients can join web servers on the LAN.
i can't find a good setup to maintain these restrictions.
can somebody point me in a direction for this ?
iptables - allow internet access and deny lan access
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech
-
- OpenVpn Newbie
- Posts: 8
- Joined: Thu May 29, 2014 1:22 pm