What's new

OpenVPN Server - Can I restrict access client to specified local IP on the server side local LAN? HELP!

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

dblock8212

New Around Here
I have an Asus RT-AC88U running on stock firmware (Version 3.0.0.4.386.41700). I have created an OpenVPN server so that my brother can access my NAS from his home remotely. I have DDNS set up on the router. I can connect from his home to the VPN without issue. However, I noticed that when he is connected to my VPN, he then has access to all IP addresses on my home network not just the NAS. Is it possible to restrict his access to only my NAS local IP for example: 192.168.1.201. I don't know if this has to be done on the OpenVPN side or with iptables / firewall. Either way I don't know if this is even possible.
 
Since I don't use the stock firmware, I can't say what capabilities it has (it's often quite limited in this regard). Mostly like NOT.

You need the ability to assign a specific OpenVPN client IP (e.g., 10.8.0.2) to his connection to uniquely identify it (unless he's the only using it). Then you need low-level access to the firewall to restrict his IP on the tunnel to that specific destination IP (e.g., 192.168.1.201). With third-party firmware (e.g., Merlin), this kind of thing is done all the time.
 
Last edited:

Similar threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top