Hi there!
How should OpenVPN AS be configured if I need:
1) To access clients (clients' port 443, for instance) from server side by their VPN IP
2) Clients should not access server ports or "see" other clients
?
This is some kind of a remote support, where admin needs to access client's machines.
Thanks!
Access clients by their VPN ip behind NAT
-
SpeedMonster
- OpenVpn Newbie
- Posts: 8
- Joined: Tue Aug 22, 2023 7:47 pm
-
openvpn_inc
- OpenVPN Inc.
- Posts: 1333
- Joined: Tue Feb 16, 2021 10:41 am
Re: Access clients by their VPN ip behind NAT
Hello,
For VPN clients to be exposed to your network you need to set up routing access. This requires your network to cooperate by making the VPN client subnet reachable from your network.
Regarding the second requirement, routing access is two-way. At best you could add custom iptables rules to block certain traffic in ways that you want to block it while leaving other paths open.
Your situation is not one that can be done with typical GUI settings.
Kind regards,
Johan
For VPN clients to be exposed to your network you need to set up routing access. This requires your network to cooperate by making the VPN client subnet reachable from your network.
Regarding the second requirement, routing access is two-way. At best you could add custom iptables rules to block certain traffic in ways that you want to block it while leaving other paths open.
Your situation is not one that can be done with typical GUI settings.
Kind regards,
Johan
OpenVPN Inc.Answers provided by OpenVPN Inc. staff members here are provided on a voluntary best-effort basis, and no rights can be claimed on the basis of answers posted in this public forum. If you wish to get official support from OpenVPN Inc. please use the official support ticket system: https://openvpn.net/support