So I have previously configured a lot of servers which do one of 3 things:
1 - Client access to the Internet AND to the server side LAN
2 - Client access to the server side LAN only, no forwarding to the web
3 - Client only has access to other clients on the same VPN server

Now I would like to add one more type, web-only:
4 - Client can only access the web through the server side gateway but not the
local LAN

What is the simplest way to accomplish this?

I have these commands in the conf for the various types above:

1 - Local and web access

push "redirect-gateway def1 bypass-dhcp"  #This makes the client access Internet
push "route 192.168.xxx.0 255.255.255.0"  #Gives access to local LAN
push "dhcp-option DNS 192.168.xxx.1"      #Local router
push "dhcp-option DNS 208.67.222.222"
push "dhcp-option DNS 8.8.8.8"


2 - Local access only:

push "route 192.168.xxx.0 255.255.255.0" #Gives access to Local LAN
push "dhcp-option DNS 192.168.xxx.1"     #Local router
push "dhcp-option DNS 208.67.220.220"    #Public server
push "dhcp-option DNS 8.8.8.8"


What do I need to do to get the web only config?

push "redirect-gateway def1 bypass-dhcp"  #This makes the client access Internet
push "dhcp-option DNS 208.67.222.222"
push "dhcp-option DNS 8.8.8.8"

I.e. is it enough to remove the route into the local LAN for this to be blocked
and only allowing web access forwarding?


-- 
Bo Berglund
Developer in Sweden
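
Added example (not part of the original post, and not OpenVPN's own code): a small Python model of the client routing table that each pushed option set produces, using longest-prefix match to show which destinations enter the tunnel. The LAN 192.168.50.0/24 and both gateway addresses are constructed placeholders, the client's own local network is assumed not to overlap the server LAN, and the host route to the VPN server itself is left out.

```python
import ipaddress

# Constructed sample values: the post elides the real LAN ("192.168.xxx.0").
LAN = ipaddress.ip_network("192.168.50.0/24")  # hypothetical server-side LAN
VPN_GW = "10.8.0.1"                            # hypothetical tunnel gateway
CLIENT_GW = "172.16.0.1"                       # hypothetical client-side router

# Routing-relevant push options for the profiles discussed in the post.
PROFILES = {
    "1-local-and-web": ["redirect-gateway def1 bypass-dhcp",
                        "route 192.168.50.0 255.255.255.0"],
    "2-local-only":    ["route 192.168.50.0 255.255.255.0"],
    "4-web-only":      ["redirect-gateway def1 bypass-dhcp"],
}

def client_routes(pushed):
    """Build the client's routing table from the pushed options."""
    table = [(ipaddress.ip_network("0.0.0.0/0"), CLIENT_GW)]  # pre-VPN default
    for opt in pushed:
        words = opt.split()
        if words[0] == "redirect-gateway" and "def1" in words:
            # def1 overrides the default route with two /1 routes via the VPN.
            table.append((ipaddress.ip_network("0.0.0.0/1"), VPN_GW))
            table.append((ipaddress.ip_network("128.0.0.0/1"), VPN_GW))
        elif words[0] == "route":
            table.append((ipaddress.ip_network(f"{words[1]}/{words[2]}"), VPN_GW))
    return table

def next_hop(table, dest):
    """Longest-prefix match, as the client's IP stack would do."""
    addr = ipaddress.ip_address(dest)
    matches = [(net, gw) for net, gw in table if addr in net]
    return max(matches, key=lambda m: m[0].prefixlen)[1]

def enters_tunnel(profile, dest):
    """True if traffic to dest is sent to the VPN server under this profile."""
    return next_hop(client_routes(PROFILES[profile]), dest) == VPN_GW

if __name__ == "__main__":
    lan_host = str(LAN.network_address + 10)
    for name in PROFILES:
        print(f"{name}: LAN via tunnel={enters_tunnel(name, lan_host)}, "
              f"web via tunnel={enters_tunnel(name, '8.8.8.8')}")
```

In this model the web-only option set still delivers LAN-bound packets to the server through the 128.0.0.0/1 route, so whether they reach the LAN is decided by the server's forwarding and firewall rules for the VPN subnet, not by the absence of the pushed route.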


