I have two vpn users:
1: Me (be able to access LAN and Internet) - works! with default settings
2: a friend: should be able to access only the Internet but not the LAN from VPN Server
how can i realize that?
How to pass ONLY Internet traffic to VPN Client
-
- Posts: 1270
- Joined: Sun Feb 14, 2021 10:31 am
Re: How to pass ONLY Internet traffic to VPN Client
As no one (or NOBODYxx, lol ;) offers a solution, I submit the following _theoretical_ proposal for tests, discussion and consideration.
1/ create a new vhub for friends on the same SE server, which will prohibit their access to the LAN
2/ link it to your existing vhub on a new L3 switch, similar to my post here viewtopic.php?f=7&t=66579#p92719
3/ in L3 "Add Routing Table Entry" enter default GW pointing to the IP of your router
I foresee the need to include extra firewall rules to enforce LAN access restriction. Your comments, suggestions and corrections are most welcome.
1/ create a new vhub for friends on the same SE server, which will prohibit their access to the LAN
2/ link it to your existing vhub on a new L3 switch, similar to my post here viewtopic.php?f=7&t=66579#p92719
3/ in L3 "Add Routing Table Entry" enter default GW pointing to the IP of your router
I foresee the need to include extra firewall rules to enforce LAN access restriction. Your comments, suggestions and corrections are most welcome.
-
- Posts: 3
- Joined: Tue Sep 04, 2018 11:45 am
Re: How to pass ONLY Internet traffic to VPN Client
it works - i added a rule to simply discart all packets to local ips