Hi
I am setting up a VPN Access Server that has two NICs, running Ubuntu 12.04.
NIC nr one accepts incoming from the Internet (forward TCP and UDP in firewall); this works.
BUT on NIC nr 2 I would like to have what is accessible from the VPN (today only one Linux server).
This part I haven't configured / figured out yet. How and where do I do this?
Should say I am fairly new to the Linux world.
BIG thank you for reading and a bigger one if you reply.
Setting up a vpn with restricted access
OpenVpn Newbie, Posts: 1, Joined: Tue Nov 27, 2012 2:04 pm
novaflash, OpenVPN Inc., Posts: 1073, Joined: Fri Apr 13, 2012 8:43 pm
Re: Setting up a vpn with restricted access
Running a firewall solution on the Access Server itself is generally not recommended. This is because Access Server itself uses iptables to make access to the various IP subnets and devices possible while keeping certain access between VPN clients and such separate from each other.
There are many ways of configuring Access Server, but what I'd do in your case is this:
Put the Access Server on a private subnet, with just 1 NIC. Give it an IP address in a private range - the same subnet as the Linux server that you want VPN users to get access to. Then in its default configuration it should give all VPN clients access to that whole private range.
Next, set up a firewall with, indeed, a NIC1 for internet access and a NIC2 for LAN with DHCP server for the private range and such. Have NAT enabled so your private network can reach the internet, and then just do a port forward for TCP 443, TCP 943 and UDP 1194 from the internet access port to the private IP address of the Access Server. Then you're pretty much done.
Good luck.
I'm still alive, just posting under the openvpn_inc alias now as part of a larger group.
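The separate firewall box the reply describes, as an added example that is not part of the thread or of OpenVPN's own documentation: a shell function that prints an iptables-restore ruleset with NAT for the private LAN and port forwards for TCP 443, TCP 943 and UDP 1194 to the Access Server. The interface names (eth0/eth1), the private range and the Access Server address are assumed placeholders.

```shell
#!/bin/sh
# Added example (not from the original thread): generate an iptables-restore
# ruleset for the firewall that sits in front of the Access Server.
# All four values below are assumptions; pass your own as arguments.
#   WAN_IF  - NIC1, facing the internet
#   LAN_IF  - NIC2, facing the private LAN
#   LAN_NET - the private range shared by the Access Server and the Linux server
#   AS_IP   - private IP address of the Access Server
gen_fw_rules() {
    WAN_IF="${1:-eth0}"
    LAN_IF="${2:-eth1}"
    LAN_NET="${3:-192.168.100.0/24}"
    AS_IP="${4:-192.168.100.10}"

    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
# Forward only the three Access Server ports from the internet to its private IP
-A PREROUTING -i $WAN_IF -p tcp --dport 443 -j DNAT --to-destination $AS_IP:443
-A PREROUTING -i $WAN_IF -p tcp --dport 943 -j DNAT --to-destination $AS_IP:943
-A PREROUTING -i $WAN_IF -p udp --dport 1194 -j DNAT --to-destination $AS_IP:1194
# NAT so the private LAN can reach the internet
-A POSTROUTING -o $WAN_IF -s $LAN_NET -j MASQUERADE
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i $LAN_IF -j ACCEPT
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# LAN clients out to the internet
-A FORWARD -i $LAN_IF -o $WAN_IF -s $LAN_NET -j ACCEPT
# FORWARD sees the post-DNAT destination, so match on the Access Server IP
-A FORWARD -i $WAN_IF -o $LAN_IF -d $AS_IP -p tcp -m multiport --dports 443,943 -j ACCEPT
-A FORWARD -i $WAN_IF -o $LAN_IF -d $AS_IP -p udp --dport 1194 -j ACCEPT
COMMIT
EOF
}

# On the firewall box, as root:
#   sysctl -w net.ipv4.ip_forward=1
#   gen_fw_rules eth0 eth1 192.168.100.0/24 192.168.100.10 | iptables-restore
```

Everything not explicitly forwarded is dropped by the FORWARD chain's DROP policy, so the internet-facing NIC exposes nothing but the three Access Server ports.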