Restrict Client from accessing other clients
-
- OpenVpn Newbie
- Posts: 1
- Joined: Wed Jan 30, 2013 6:39 pm
Restrict Client from accessing other clients
I have OpenVPN installed on a server in my DMZ. I want to be able to access this client from other clients, but I do not want this client to be able to access any of my other clients. Currently I can access any other OpenVPN client that is active. How can I restrict this client?
- maikcat
- Forum Team
- Posts: 4200
- Joined: Wed Jan 12, 2011 9:23 am
- Location: Athens,Greece
- Contact:
Re: Restrict Client from accessing other clients
hi there,
yes it is possible...
better thank janjust for this...
Michael.
* do NOT use 'client-to-client'
* use iptables to filter out unwanted traffic
* to allow all traffic between clients
  - make sure ip_forwarding is enabled
  - add iptables rules similar to
Code:
iptables -I FORWARD -i tun+ -j ACCEPT
iptables -I FORWARD -o tun+ -j ACCEPT
To allow only a single client IP, use something like
Code:
iptables -I FORWARD -i tun+ -s 10.8.0.26/32 -j ACCEPT
iptables -I FORWARD -o tun+ -j ACCEPT
Amiga 500 , Zx +2 owner
Long live Dino Dini (Kick off 2 Creator)
Inflammable means flammable? (Dr Nick Riviera, Simpsons Season 13)
"objects in mirror are losing"
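The goal in the question (other clients can reach the DMZ client, but it cannot open connections to them) needs connection tracking on top of the FORWARD rules quoted in the reply. The script below is an added example, not part of the thread: it only prints a rule set for review. It assumes a tun-mode server without 'client-to-client', IP forwarding enabled, and a fixed VPN address for the restricted client; the chain name VPN_ISOLATE is hypothetical.

```shell
#!/bin/sh
# Added example (not from the thread): prints iptables rules, applies nothing.
# Assumes a tun-mode server without 'client-to-client', IP forwarding enabled,
# and a fixed VPN address for the restricted client (10.8.0.26 is the sample
# address used in the post). VPN_ISOLATE is a hypothetical chain name.

# Succeed only for a dotted-quad IPv4 address with every octet in 0..255.
valid_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;  # empty, stray chars, empty octet
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                                 # split the address on dots
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Print the rule set for restricted client $1. Rule order matters:
#   1. replies from the restricted client to sessions others opened pass,
#   2. anything else it sends towards another VPN client is dropped,
#   3. all remaining client-to-client traffic is accepted.
isolate_rules() {
    ip=$1
    valid_ipv4 "$ip" || { echo "invalid client address: $ip" >&2; return 1; }
    cat <<EOF
iptables -N VPN_ISOLATE
iptables -A VPN_ISOLATE -s $ip/32 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A VPN_ISOLATE -s $ip/32 -j DROP
iptables -A VPN_ISOLATE -j ACCEPT
iptables -I FORWARD -i tun+ -o tun+ -j VPN_ISOLATE
EOF
}

# Show the rules for the sample address; review them, then pipe to sh as root.
isolate_rules 10.8.0.26
```

These rules filter only traffic forwarded from one VPN client to another; packets addressed to the OpenVPN server itself traverse the INPUT chain and are not affected.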