VPN client. Deny internet, allow lan.
Posted: Tue Jul 26, 2016 12:42 pm
Hi, im not admin. Can some one help me?
I have vServer with SoftEther VPN server (SRV1).
User (PC) and remote office lan (hardware router with build-in vpn client) must connect to SRV1 and use local resources (shares, local web site, business apps etc).
SRV1 has 2 adapters. One with static white IP (name WAN) for accsess from internet, and one local (name LAN).
After setup and settings SoftEther VPN server :
One virtual hub with enabled secureNAT ( name HUB1)
One local bridge HUB1<--->LAN
VPN clients use build-in windows vpn and connect to server. They can use local res but all client's internet traffic routed by VPN server. Is bad because VPN server has limited bandwith.
1. I try disable "use remote gateway" option on client side connection's setting. But after it vpn-users cant accsess to LAN on server.
2. I try disable SecureNAT (only DHCP enabled). Same. LAN reses missed
3. I try full disable SecureNAT and use only local bridge with enabled third-part DHCP. But vpn clients dont get IPs from LAN DHCP. (dhcp work fine, SRV1 get IP on LAN adapter from him)
what wrong? How to allow vpn clients use only LAN resources, communicate between VPN clients and remoute lans and deny use VPN server for accsess to internet (they must use selfown internet)?
I have vServer with SoftEther VPN server (SRV1).
User (PC) and remote office lan (hardware router with build-in vpn client) must connect to SRV1 and use local resources (shares, local web site, business apps etc).
SRV1 has 2 adapters. One with static white IP (name WAN) for accsess from internet, and one local (name LAN).
After setup and settings SoftEther VPN server :
One virtual hub with enabled secureNAT ( name HUB1)
One local bridge HUB1<--->LAN
VPN clients use build-in windows vpn and connect to server. They can use local res but all client's internet traffic routed by VPN server. Is bad because VPN server has limited bandwith.
1. I try disable "use remote gateway" option on client side connection's setting. But after it vpn-users cant accsess to LAN on server.
2. I try disable SecureNAT (only DHCP enabled). Same. LAN reses missed
3. I try full disable SecureNAT and use only local bridge with enabled third-part DHCP. But vpn clients dont get IPs from LAN DHCP. (dhcp work fine, SRV1 get IP on LAN adapter from him)
what wrong? How to allow vpn clients use only LAN resources, communicate between VPN clients and remoute lans and deny use VPN server for accsess to internet (they must use selfown internet)?