Computer networks
Denis, 2021-10-18 17:52:02

How to prevent all VPN clients from accessing each other (isolate)?

Hello. Please tell me what firewall rules should be added on the server in order to prohibit all VPN clients from accessing each other.
VPN type: SSTP
VPN network 172.16.16.0/24
If you have a client address and a login with a password, anyone on this network can get into another client's Mikrotik.
It is desirable to make sure that the Internet does not fall off at the same time.
The server itself is in the cloud (CHR)
Addresses are assigned from a pool, or manually in secrets.
UPD: Thanks for the correction. I thought the local network and access to each other were the same thing. But in fact, as I understand it, the clients need to be isolated from each other.


2 answer(s)
Denis, 2021-10-18
@hanigun

I formulated the question correctly and found the answer. It worked. Nothing even fell off :)
Source: https://qna.habr.com/q/966407

/ip route rule
add action=unreachable comment="Block VPN Client-to-Client access" dst-address=192.168.100.0/24 src-address=192.168.100.0/24

Obviously, I changed the addresses to my own.
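
Added example, not part of the original answer: since addresses here come from a pool or are set manually in secrets, a secret with a static address outside the subnet named in the route rule is not isolated. This Python check reads a RouterOS export and lists such secrets. The export text and client names are constructed, and export lines are assumed not to be wrapped with a trailing backslash.

```python
import ipaddress
import shlex

# Constructed sample of a RouterOS export (not taken from the original post).
SAMPLE_EXPORT = '''
/ip route rule
add action=unreachable comment="Block VPN Client-to-Client access" dst-address=172.16.16.0/24 src-address=172.16.16.0/24
/ppp secret
add name=client1 service=sstp remote-address=172.16.16.10
add name=client2 service=sstp remote-address=172.16.17.5
add name=client3 service=sstp
'''

def parse_export(text):
    """Yield (menu, {key: value}) for every 'add' line of the export."""
    menu = None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("/"):
            menu = line
        elif line.startswith("add "):
            pairs = (tok.split("=", 1) for tok in shlex.split(line[4:]))
            yield menu, {p[0]: p[1] for p in pairs if len(p) == 2}

def isolated_networks(entries):
    """Networks N that have a blocking route rule with src=N and dst=N."""
    nets = []
    for menu, kv in entries:
        if menu == "/ip route rule" and kv.get("action") in ("unreachable", "drop"):
            src, dst = kv.get("src-address"), kv.get("dst-address")
            if src and src == dst:
                nets.append(ipaddress.ip_network(src, strict=False))
    return nets

def uncovered_secrets(text):
    """Secrets whose static remote-address lies outside every isolated network."""
    entries = list(parse_export(text))
    nets = isolated_networks(entries)
    missed = []
    for menu, kv in entries:
        # Secrets without remote-address get a pool address; not checked here.
        if menu == "/ppp secret" and "remote-address" in kv:
            addr = ipaddress.ip_address(kv["remote-address"])
            if not any(addr in n for n in nets):
                missed.append(kv["name"])
    return missed

if __name__ == "__main__":
    print(uncovered_secrets(SAMPLE_EXPORT))
```
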

CityCat4, 2021-10-18
@CityCat4

You need to start with what type of VPN it is and how addresses are assigned to its clients. Mikrotik supports a hundred thousand different VPNs, just so you know.
