Strictly assign an IP address to a client
Posted: Thu Apr 13, 2023 7:30 pm
Hello everybody
I've setup an openvpn server to serve both our company employees and one external collaborator. I'm assigning IP addresses and pushing specific routes to every single client using ccd directory files. I set up ufw with different rules for the employees and the external guy, based on their IP. But what about if one of them forces another IP address of the same subnet on his openvpn client adapter? I think that is possible and will cause my firewall rules not to work how I designed them. Is there a way to strictly assign a static IP address to a client? I mean traffic not flowing on the tunnel if the client changes his address by his own, or something similar? Or the only way is to split the vpn in two different vpns on different ports?
Thank you
I've setup an openvpn server to serve both our company employees and one external collaborator. I'm assigning IP addresses and pushing specific routes to every single client using ccd directory files. I set up ufw with different rules for the employees and the external guy, based on their IP. But what about if one of them forces another IP address of the same subnet on his openvpn client adapter? I think that is possible and will cause my firewall rules not to work how I designed them. Is there a way to strictly assign a static IP address to a client? I mean traffic not flowing on the tunnel if the client changes his address by his own, or something similar? Or the only way is to split the vpn in two different vpns on different ports?
Thank you