Restrict IPs by username

Scripts that set up, destroy, and modify routing tables and firewall rulesets for client connections.

Moderators: TinCanTech

belcloud
OpenVpn Newbie
Posts: 1
Joined: Sat Nov 21, 2015 1:39 am

Restrict IPs by username

Post by belcloud » Sat Nov 21, 2015 2:09 am

Would it be possible in any way to control what IPs a user accesses?

I have a private network 10.22.0.0/16 and I have 1000 users on a FreeRADIUS auth.

For security, I require a solution to whitelist certain IPs for each user.

As the IPs are rather random and can be changed from user to user, I need a flexible solution that can be updated fast.

For example, I require user1 to access 10.22.0.1 and 10.22.0.3 and 10.22.22.5 and only these IPs.
And user2 to access 10.22.0.2, 10.22.22.15 and only these IPs.

The only solution I've thought of so far is to assign a static IP to each user and then allow/disallow via iptables. But it doesn't seem a very good solution to me.

Do you have any better solutions?

Thank you

Traffic
OpenVPN Protagonist
Posts: 4066
Joined: Sat Aug 09, 2014 11:24 am

Re: Restrict IPs by username

Post by Traffic » Mon Nov 23, 2015 10:35 pm

This is not possible from within OpenVPN itself ... you can use iptables, though.

The OpenVPN HOWTO offers this:
https://openvpn.net/index.php/open-sour ... tml#policy
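
The approach both posts point to (a fixed tunnel IP per user plus iptables), as an added example that is not part of the thread or of OpenVPN: it renders a per-user whitelist into an `iptables-restore` fragment with one chain per user and a default deny, so the whole ruleset can be regenerated whenever the list changes. The tunnel pool `10.8.0.0/24`, the per-user tunnel IPs, the interface `tun0` and the chain names are assumptions; the destination lists are the ones from the question.

```python
import ipaddress

# Constructed sample data (assumptions): tunnel pool 10.8.0.0/24, and each user
# pinned to a fixed tunnel IP, e.g. via ifconfig-push in a client-config-dir file.
VPN_POOL = "10.8.0.0/24"
PRIVATE_NET = "10.22.0.0/16"  # private network from the question
WHITELIST = {
    "user1": ("10.8.0.10", ["10.22.0.1", "10.22.0.3", "10.22.22.5"]),
    "user2": ("10.8.0.11", ["10.22.0.2", "10.22.22.15"]),
}


def render(whitelist, vpn_pool=VPN_POOL, private_net=PRIVATE_NET):
    """Return iptables-restore text: one chain per user, everything else dropped."""
    pool = ipaddress.ip_network(vpn_pool)
    net = ipaddress.ip_network(private_net)
    chains, jumps, rules, seen = [":VPN_USERS - [0:0]"], [], [], {}
    for user, (vpn_ip, allowed) in sorted(whitelist.items()):
        src = ipaddress.ip_address(vpn_ip)  # raises ValueError on malformed input
        if src not in pool:
            raise ValueError(f"{user}: {src} is outside the VPN pool {pool}")
        if src in seen:  # two users on one tunnel IP would share a whitelist
            raise ValueError(f"{user} and {seen[src]} share {src}")
        seen[src] = user
        # Chain name derived from the validated IP, never from the username.
        chain = "VPNU_" + str(src).replace(".", "_")
        chains.append(f":{chain} - [0:0]")
        jumps.append(f"-A VPN_USERS -s {src}/32 -j {chain}")
        for dst in allowed:
            d = ipaddress.ip_address(dst)
            if d not in net:
                raise ValueError(f"{user}: {d} is outside {net}")
            rules.append(f"-A {chain} -d {d}/32 -j ACCEPT")
        rules.append(f"-A {chain} -j DROP")  # default deny for this user
    jumps.append("-A VPN_USERS -j DROP")  # tunnel IP with no entry: deny
    return "\n".join(["*filter", *chains, *jumps, *rules, "COMMIT"]) + "\n"


if __name__ == "__main__":
    # Hook the chain in once (assumed interface tun0):
    #   iptables -I FORWARD -i tun0 -d 10.22.0.0/16 -j VPN_USERS
    # then regenerate and load after each whitelist change:
    #   python3 render_rules.py | iptables-restore --noflush
    print(render(WHITELIST), end="")
```

The rules key on the tunnel source address, so they are only as strong as the binding between username and tunnel IP on the server.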
