Page 1 of 1
How to prevent OpenVPN users from accesssing anything except
Posted: Wed Oct 10, 2012 5:14 pm
by majamer
Hello,
I was wondering if there's a way to create a group of OpenVPN user to only access the Internet through the server and nothing else like private subnets, etc.
Mart
Re: How to prevent OpenVPN users from accesssing anything ex
Posted: Sun Dec 09, 2012 7:24 pm
by novaflash
It is possible but difficult. It's all about routing in this case. If you push routes more specific than the ones that are on the user's local subnet, you can prevent that person from getting access to the local subnet. But you'd have to know what subnet they're on.
If you're talking about making a user account or group that only gives access to the internet through the VPN server, and have another group next to it with access to the subnet(s) behind the Access Server, then that is possible by creating separate groups with different access rules.