Hello,
in addition to my first request regarding the possible software-bug, I have the need to add additional subnets on the server side, which are allowed to connect to the remote-side of my site-to-site VPN. At the user settings of the AS there is the option called "Allow Access From: all server-side private subnets". The server itself is located at 192.168.200.0/24 and only that Subnet is currently allowed. However, I'm having also clients that are located at 192.168.201.0/24. Is there a possibility to also enter these additional subnets somewhere?
My tempoary solution currently is that I add the following rule manually after establishing the connection: "iptables -A AS0_U_PARENTS_OUT -s 192.168.201.0/24 -j ACCEPT".
Best wishes
Chris
Access Control - How to add more server-side private subnets?
-
- OpenVpn Newbie
- Posts: 3
- Joined: Fri Jul 02, 2021 6:45 am
-
- OpenVPN Power User
- Posts: 156
- Joined: Thu Mar 28, 2013 8:31 am
Re: Access Control - How to add more server-side private subnets?
I believe what you are looking for is available in the web admin portal under:
Configuration -> VPN Settings -> Routing -> Specify the private subnets to which all clients should be given access (one per line)
Configuration -> VPN Settings -> Routing -> Specify the private subnets to which all clients should be given access (one per line)
- openvpn_inc
- OpenVPN Inc.
- Posts: 1333
- Joined: Tue Feb 16, 2021 10:41 am
Re: Access Control - How to add more server-side private subnets?
Note also that if you want 192.168.200.0/24 and 192.168.201.0/24, a single CIDR expression of 192.168.200.0/23 includes both.
I <3 subnetting, rob0
I <3 subnetting, rob0
OpenVPN Inc.
Answers provided by OpenVPN Inc. staff members here are provided on a voluntary best-effort basis, and no rights can be claimed on the basis of answers posted in this public forum. If you wish to get official support from OpenVPN Inc. please use the official support ticket system: https://openvpn.net/support
Answers provided by OpenVPN Inc. staff members here are provided on a voluntary best-effort basis, and no rights can be claimed on the basis of answers posted in this public forum. If you wish to get official support from OpenVPN Inc. please use the official support ticket system: https://openvpn.net/support