Hello,
I was wondering if there's a way to create a group of OpenVPN user to only access the Internet through the server and nothing else like private subnets, etc.
Mart
How to prevent OpenVPN users from accesssing anything except
-
majamer
- OpenVpn Newbie
- Posts: 2
- Joined: Wed Oct 10, 2012 6:11 am
-
novaflash
- OpenVPN Inc.
- Posts: 1073
- Joined: Fri Apr 13, 2012 8:43 pm
Re: How to prevent OpenVPN users from accesssing anything ex
It is possible but difficult. It's all about routing in this case. If you push routes more specific than the ones that are on the user's local subnet, you can prevent that person from getting access to the local subnet. But you'd have to know what subnet they're on.
If you're talking about making a user account or group that only gives access to the internet through the VPN server, and have another group next to it with access to the subnet(s) behind the Access Server, then that is possible by creating separate groups with different access rules.
If you're talking about making a user account or group that only gives access to the internet through the VPN server, and have another group next to it with access to the subnet(s) behind the Access Server, then that is possible by creating separate groups with different access rules.
I'm still alive, just posting under the openvpn_inc alias now as part of a larger group.