OpenVPN Support Forum

Community Support Forum
https://forums.openvpn.net/

client to client visibility

https://forums.openvpn.net/viewtopic.php?t=8216

Page 1 of 1

client to client visibility

Posted: Wed May 25, 2011 10:11 am
by alberto
Hi!
Is it possible to config this options in this way:
- server can see all the clients
- one client can see all the clients (like the server)
- the other clients can't see each other, they only can see the server.

Thanks in advance!

Re: client to client visibility

Posted: Wed May 25, 2011 10:32 am
by janjust
yes this is possible (on linux servers)

* do NOT use 'client-to-client'
* use iptables to filter out unwanted traffic
* to allow all traffic between clients
- make sure ip_forwarding is enabled
- add an iptables rules similar to

Code: Select all

iptables -I FORWARD -i tun+ -j ACCEPT
iptables -I FORWARD -o tun+ -j ACCEPT
To allow only a single client IP, use something like

Code: Select all

iptables -I FORWARD -i tun+ -s 10.8.0.26/32 -j ACCEPT
iptables -I FORWARD -o tun+ -j ACCEPT
All times are UTC
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/