Announcement

Collapse
No announcement yet.

how to set OpenVPN client connection to only see one machine in network

Collapse
This topic is closed.
X
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
  • #1

    how to set OpenVPN client connection to only see one machine in network

    So, to keep things short, i have a client who needs to provide access to one of their server to a long-distance user via OpenVPN. However, my superior wants to ensure while using the VPN connection, they can see only the server they are interfacing with and no other machines on the network.

    I need to know how to fence in that specific User's connection to one particular server, but I am unsure how to go about setting something like that up.

    Any help would be appreciated.
    Tags: None
  • #2
    Use Firewall App to restrict the OpenVPN user's name to that IP.

    Click image for larger version Name: restrict-openvpn-user.png Views: 1 Size: 65.7 KB ID: 384374
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email [email protected]

    Comment

    • #3
      Originally posted by jcoffin View Post
      Use Firewall App to restrict the OpenVPN user's name to that IP.

      [ATTACH=CONFIG]11625[/ATTACH]
      Yes this!

      Make a rule that blocks everything from source interface openvpn, then make pass rules for username to match the OpenVPN client name, and whatever else you need to limit things to the appropriate target.

      I do this all the time to authorize users to RDP into their stations, and ONLY their stations while only allowing RDP. Very flexible, very stable, very safe solution.
      Rob Sandling, BS:SWE, MCP, Microsoft Certified: Azure Administrator Associate
      NexgenAppliances.com
      Phone: 866-794-8879 x201
      Email: [email protected]

      Comment

      • #4
        Thank you, this is exactly what I need. Cheers friends!

        Comment

        • #5
          Exactly what I have done for years.

          Comment

          Previous template Next
          Working...
          X