Good day to all!
I Know a very simple task but something I can't do.
There is a network of servers 172.16.16.0/255.255.255.0/172.16.16.254
There are VPN clients(securenat) 192.168.30.1/255.255.255.0/192.168.30.1
you Need to make sure that VPN clients can only connect to the network servers, ie: 172.16.16.0/255.255.255.0
access to the Internet via VPN should be restricted.
How do I do this? Thank you in advance!
VPN access only with local network segments without Internet
-
- Posts: 2
- Joined: Wed Nov 11, 2020 4:05 pm
-
- Posts: 329
- Joined: Wed Sep 18, 2013 1:49 pm
Re: VPN access only with local network segments without Internet
Hello orxan7m,
Remove the Default gateway from the DHCP area of SecureNAT. Clients will now only use their own local ISP gateway for internet but now WILL NOT have access to the local resources at the VPN location. To solve this just add a static Route directing them to your local network under "Edit the Static routing table to push". The entry would be 172.16.16.0/255.255.255.0/192.168.30.1
Remove the Default gateway from the DHCP area of SecureNAT. Clients will now only use their own local ISP gateway for internet but now WILL NOT have access to the local resources at the VPN location. To solve this just add a static Route directing them to your local network under "Edit the Static routing table to push". The entry would be 172.16.16.0/255.255.255.0/192.168.30.1
-
- Posts: 2
- Joined: Wed Nov 11, 2020 4:05 pm
Re: VPN access only with local network segments without Internet
thank you very much! earned it!