two Questions: Static IP Addresses and Admin UI access

Post Reply
OpenVpn Newbie
Posts: 4
Joined: Thu May 17, 2018 10:44 am

two Questions: Static IP Addresses and Admin UI access

Post by jgrassler » Mon Dec 17, 2018 2:57 pm

Hi Guys, im setting up an openvpn access server on ubuntu 18.04.

I have done a routed configuration.
The server is in its own network and has the ip
The clients are in the network i added a static route to the firewall to point towards the vpn server as a gateway for this network.

The Plan:
I want to set static vpn ip via the openvpn User and Gui (example user1:
Then i want to restrict this ip via the firewall just to access the hand of ports/ips that are needed for this user.
1:allow to https
2:deny all

this is working for now, now the questions:

Can i be sure that the user cannot change his IP address, if i set it static ip the openvpn gui?
( an therefore be sure that the ACLs i set in the firewall always apply to this login/user)

What is the current way to lock the availability of the admin gui towards the internet and vpn IP addresses?
(i know there is password lockout and i can have a propper admin password, but what if i want no way of someone from outside accessing it ever? )
I tried setting the admin gui on a different port wich would not be open to the outside, but the fqdn/admin is still available.

thanks for the help!

Post Reply