I am learning the OpenVPN Access Server and have successfully set it up.
I have created a few different users and one of these users is loaded directly onto my DD-WRT router. This means that anything that connects to this router will be accessing the Internet through the VPN tunnel into my Server LAN.
Since this could pose a security concern due to anyone that plugs in an ethernet cord into this router has access to my VPN servers, I want to limit this specific user to only be able to access the following IP Addresses available in my VPN Server LAN:
In the Web User Interface Admin Page:
Under 'User Permissions' the settings for this user include an 'Access Control' section, which I have the following:
Code: Select all
Select Addressing Method: Use NAT (checked) Allow Access to these Networks: 10.0.0.34 10.0.0.124 10.0.0.75 Allow Access From: all server-side private subnets (checked) Allow Access From: all other VPN clients (checked)
This isn't working due to "Allow Access to these Networks" wants a subnet. But if I give it a 10.0.0.0/24, this user will have access to the entire subnet (10.0.0.1-10.0.0.254), which I dont want. I want whoever is connected to the DD-WRT router to only be able to access those 3 ip addresses. Other users should still be able to access whatever I define as their accessible subnets (so this has to be on a user basis).
Thank you so for the help!