Implementing Subnet based access from VPN99 to destination..


This topic contains 1 reply, has 0 voices, and was last updated by  jp10558 6 years, 9 months ago.

  • #43469

    jp10558
    Member

    I’m trying to implement
    http://openvpn.net/index.php/open-source/documentation/howto.html#policy

    with Zeroshell. I just can’t figure out how to set up the firewall rules. I’m using 2.0RC1 for this.

    I’ve tried (under FORWARD chain per the OpenVPN docs):
    1 VPN99 * ACCEPT all opt -- in VPN99 out * 172.50.1.0/24 -> 0.0.0.0/0

    so that if you get assigned, say 172.50.1.3 you can access any subnet on our internal networks.

    I then have
    2 VPN99 * ACCEPT all opt -- in VPN99 out * 172.50.0.0/24 -> 192.168.1.0/24
    And then:
    3 VPN99 * REJECT all opt -- in VPN99 out * 172.50.0.0/24 -> 0.0.0.0/0 reject-with icmp-net-prohibited

    So that if you are assigned, say, 172.50.0.1, you can ONLY get to the 192.168.1.0/24, but not, say, to 192.168.2.0/24…

    This doesn’t work – so how would I implement these requirements?
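
Added example, not part of the original post: a small Python model of first-match evaluation over the three FORWARD rules quoted above, useful for checking which rule (or the chain's default policy) decides a given packet. The default policy value, the LAN interface name ETH00 and the probe addresses are assumptions constructed for illustration; the post does not state them.

```python
import ipaddress

# The three FORWARD rules from the post, in order: (target, in_if, source, destination).
RULES = [
    ("ACCEPT", "VPN99", "172.50.1.0/24", "0.0.0.0/0"),
    ("ACCEPT", "VPN99", "172.50.0.0/24", "192.168.1.0/24"),
    ("REJECT", "VPN99", "172.50.0.0/24", "0.0.0.0/0"),
]


def evaluate(in_if, src, dst, rules=RULES, policy="ACCEPT"):
    """Return (verdict, rule_number) using first-match semantics.

    rule_number is None when no rule matched and the chain's default
    policy decided. The policy default here is an assumption.
    """
    s = ipaddress.ip_address(src)
    d = ipaddress.ip_address(dst)
    for number, (target, rule_if, src_net, dst_net) in enumerate(rules, 1):
        if (in_if == rule_if
                and s in ipaddress.ip_network(src_net)
                and d in ipaddress.ip_network(dst_net)):
            return target, number
    return policy, None


# Constructed probe packets: (in_if, source, destination).
PROBES = [
    ("VPN99", "172.50.1.3", "192.168.2.10"),  # full-access pool, any subnet
    ("VPN99", "172.50.0.1", "192.168.1.5"),   # restricted pool, allowed subnet
    ("VPN99", "172.50.0.1", "192.168.2.5"),   # restricted pool, other subnet
    ("VPN99", "172.50.2.9", "192.168.2.5"),   # VPN address outside both pools
    ("ETH00", "192.168.1.5", "172.50.0.1"),   # reply traffic, arrives on the LAN side
]


def audit(policy="ACCEPT"):
    """Evaluate every probe and return (probe, verdict, rule_number) tuples."""
    return [(p, *evaluate(*p, policy=policy)) for p in PROBES]


if __name__ == "__main__":
    for default in ("ACCEPT", "DROP"):
        print(f"default policy {default}:")
        for (in_if, src, dst), verdict, number in audit(default):
            decided_by = f"rule {number}" if number else "chain policy"
            print(f"  {in_if} {src} -> {dst}: {verdict} ({decided_by})")
```

The last two probes are the cases the three rules never match: a source outside both /24 pools, and packets that do not enter on VPN99 (such as replies), so their fate depends entirely on the chain's default policy and any other rules present.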
