Implementing Subnet based access from VPN99 to destination.. Home Page › Forums › Network Management › Firewall, Traffic Shaping and Net Balancer › Implementing Subnet based access from VPN99 to destination.. This topic contains 1 reply, has 0 voices, and was last updated by jp10558 6 years, 9 months ago. Viewing 1 post (of 1 total) Author Posts October 19, 2012 at 6:42 pm #43469 jp10558Member I’m trying to impliment http://openvpn.net/index.php/open-source/documentation/howto.html#policy with Zeroshell. I just can’t figure out how to set up the firewall rules. I’m using 2.0RC1 for this. I’ve tried (under FORWARD chain per the OpenVPN docs): 1 VPN99 * ACCEPT all opt — in VPN99 out * 220.127.116.11/24 -> 0.0.0.0/0 so that if you get assigned, say 18.104.22.168 you can access any subnet on our internal networks. I then have 2 VPN99 * ACCEPT all opt — in VPN99 out * 22.214.171.124/24 -> 192.168.1.0/24 And then: 3 VPN99 * REJECT all opt — in VPN99 out * 126.96.36.199/24 -> 0.0.0.0/0 reject-with icmp-net-prohibited So that if you are assigned, say, 188.8.131.52, you can ONLY get to the 192.168.1.0/24, but not, say, to 192.168.2.0/24… This doesn’t work – so how would I implement these requirements? Author Posts Viewing 1 post (of 1 total) You must be logged in to reply to this topic.