How to pass ONLY Internet traffic to VPN Client
Posted: Wed Dec 08, 2021 2:24 pm
by Gee
I have two VPN users:
1: Me (be able to access LAN and Internet) - works! with default settings
2: a friend: should be able to access only the Internet but not the LAN from VPN Server
How can I realize that?
Re: How to pass ONLY Internet traffic to VPN Client
Posted: Thu Dec 09, 2021 9:31 am
by solo
As no one (or NOBODYxx, lol ;) offers a solution, I submit the following _theoretical_ proposal for tests, discussion and consideration.
1/ create a new vhub for friends on the same SE server, which will prohibit their access to the LAN
2/ link it to your existing vhub on a new L3 switch, similar to my post here
viewtopic.php?f=7&t=66579#p92719
3/ in L3 "Add Routing Table Entry" enter default GW pointing to the IP of your router
I foresee the need to include extra firewall rules to enforce LAN access restriction. Your comments, suggestions and corrections are most welcome.
Re: How to pass ONLY Internet traffic to VPN Client
Posted: Thu Dec 09, 2021 10:10 am
by Gee
It works - I added a rule to simply discard all packets to local IPs
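The per-user restriction described in this thread can be checked offline before relying on it. The following is an added example, not code from the thread or from the VPN server: it models a priority-ordered, first-match rule list with a default of pass (an assumption), and the user names, the use of the RFC 1918 ranges as "local IPs" and the probe addresses are all constructed.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    priority: int                   # lower number is evaluated first
    action: str                     # "pass" or "discard"
    dest: str                       # destination network in CIDR form
    src_user: Optional[str] = None  # None matches any VPN user

# Constructed rule set: the user name "friend" and the choice of the
# RFC 1918 ranges as "local IPs" are assumptions, not values from the thread.
RULES = [
    Rule(100, "discard", "10.0.0.0/8", "friend"),
    Rule(100, "discard", "172.16.0.0/12", "friend"),
    Rule(100, "discard", "192.168.0.0/16", "friend"),
]

def decide(rules, user, dest_ip):
    """Return the action of the first matching rule; pass when none match."""
    addr = ipaddress.ip_address(dest_ip)
    for rule in sorted(rules, key=lambda r: r.priority):
        if rule.src_user not in (None, user):
            continue  # rule is scoped to a different user
        if addr in ipaddress.ip_network(rule.dest):
            return rule.action
    return "pass"

def audit(rules, user, probes):
    """Map each probe address to the decision for this user."""
    return {ip: decide(rules, user, ip) for ip in probes}

# Constructed probes: LAN hosts, the LAN router, an address just outside
# 172.16.0.0/12, and public hosts.
PROBES = ["192.168.1.10", "192.168.1.1", "10.8.0.5", "172.20.3.4",
          "172.32.0.1", "8.8.8.8", "93.184.216.34"]

if __name__ == "__main__":
    for user in ("me", "friend"):
        print(user, audit(RULES, user, PROBES))
```

A destination-IP rule of this kind also drops packets addressed to the router itself, so a restricted client that uses the LAN router as its DNS resolver loses name resolution unless that is explicitly allowed or a public resolver is configured. Traffic routed through the router to public addresses is unaffected, because its destination IP is not local.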