Allow particular user to access only one port on particular

How to customize and extend your OpenVPN installation.
mackowiakp
OpenVpn Newbie
Posts: 2
Joined: Wed Jul 22, 2015 11:57 am

Allow particular user to access only one port on particular

Post by mackowiakp » Wed Jul 22, 2015 12:14 pm

I am new, so my OpenVPN configuration is very typical. Clients log in to my Linux-based OpenVPN server using user/pass credentials. On the same server I have several services running, each on a separate port of course.
I want to grant access, for example, for user1 only to port 12000 and for user2 only to port 162. Users can log in from different addresses on the Internet.
Any help on how I can do it? Any help with iptables rules? And I don't know at all how to assign specific privileges to a particular user, different for each.
Be kind when answering a newbie...

Traffic
OpenVPN Protagonist
Posts: 4081
Joined: Sat Aug 09, 2014 11:24 am

Re: Allow particular user to access only one port on particu

Post by Traffic » Thu Jul 23, 2015 9:49 am

You must assign each user a specific VPN IP:
HOWTO: Expanding the scope of the VPN to include additional machines

Then use a firewall to specify access by source IP:
Configuring client-specific rules and access policies
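
The two steps above, applied to services that run on the OpenVPN server itself, as an added example that is not part of the original thread. Assumptions not taken from the thread: the VPN interface is `tun0`, the VPN subnet is 10.8.0.0/24 with `topology subnet`, the server config contains `client-config-dir ccd`, each ccd file name matches the client's common name (with user/pass logins, `username-as-common-name` makes that the username), and port 12000 is TCP. The script only prints the ccd lines and iptables commands for review; it applies nothing.

```shell
#!/bin/sh
# Added example: dry-run generator for per-user port restrictions.
# Interface, netmask and the user -> VPN IP table are assumptions.
VPN_IF="tun0"
VPN_MASK="255.255.255.0"

# Constructed policy, one line per restricted user: user vpn_ip proto port
POLICY='user1 10.8.0.101 tcp 12000
user2 10.8.0.102 udp 162'

# Content of ccd/<user>: pins the user to a fixed VPN address.
ccd_line() {   # $1 = vpn_ip
    printf 'ifconfig-push %s %s\n' "$1" "$VPN_MASK"
}

# Rules for one restricted user: accept the one port, drop everything else
# from that VPN address. INPUT is the right chain because the services run
# on the VPN server; hosts behind the server would need FORWARD instead.
# The OpenVPN port itself arrives on the physical interface, not tun0,
# so these rules do not cut the tunnel.
user_rules() {   # $1 = vpn_ip, $2 = proto, $3 = port
    case "$2" in tcp|udp) ;; *) echo "bad proto: $2" >&2; return 1 ;; esac
    case "$3" in ''|*[!0-9]*) echo "bad port: $3" >&2; return 1 ;; esac
    [ "$3" -ge 1 ] && [ "$3" -le 65535 ] || { echo "bad port: $3" >&2; return 1; }
    printf 'iptables -A INPUT -i %s -s %s -p %s --dport %s -j ACCEPT\n' \
        "$VPN_IF" "$1" "$2" "$3"
    printf 'iptables -A INPUT -i %s -s %s -j DROP\n' "$VPN_IF" "$1"
}

# Walk the policy table and print everything in order.
render_policy() {
    while read -r user ip proto port; do
        [ -n "$user" ] || continue
        printf '# ccd/%s\n' "$user"
        ccd_line "$ip"
        user_rules "$ip" "$proto" "$port" || return 1
    done <<EOF
$POLICY
EOF
}

render_policy
```

Users without a ccd entry keep getting pool addresses and are not matched by these rules, so the fixed addresses should lie outside the dynamic pool.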

mackowiakp
OpenVpn Newbie
Posts: 2
Joined: Wed Jul 22, 2015 11:57 am

Re: Allow particular user to access only one port on particu

Post by mackowiakp » Fri Jul 24, 2015 6:23 am

THX. But it explains how to restrict a particular user's access to a specific host in the network. I want to restrict a particular user's access to a specific port on the same machine that runs the OpenVPN server. In other words, the Linux-based server has several apps running on it. That includes OpenVPN, Apache, Samba, NFS and a specific app running on port 162 (snmp-trap). I want to give several users access over OpenVPN only to port 162, and the OpenVPN port of course. All others will have full access to the network (just like at this moment). That's my goal. Any idea?

markost
OpenVpn Newbie
Posts: 1
Joined: Sun Mar 28, 2021 8:00 am

Re: Allow particular user to access only one port on particular

Post by markost » Sun Mar 28, 2021 8:14 am

Sorry for opening the old post... I have the same question: I would like to allow client 1 access to the service on port e.g. 1234, and client 2 access to port e.g. 5678. The IP address is the same.

192.168.0.16:1234 <- access only for client 1
192.168.0.16:5678 <- access only for client 2

Is this possible?

I use OpenVPN on RaspberryPI, installed via pivpn.

Thanks for any help!
