Answer the question
In order to leave comments, you need to log in
R
R
RomanMRB2019-11-29 00:40:23
RomanMRB, 2019-11-29 00:40:23
How to restrict VPN users (pptp,l2tp) on mikrotik RB2011?
On mikrotik, 2 networks are raised, let's assume 2 subnets and 6 subnets. VPN PPTP is configured, when connecting via VPN, the user receives the address from the 6th subnet, how to configure privileges so that the user who connects via VPN does not have access (did not see) the 6th subnet, except for his ip, and to the 2nd subnet, except for one address from this subnet. Those. the machine to which they must connect and nowhere else, located on the 2nd subnet, and they themselves are from the 6th. Link to articles if possible. Thank you.
2 answer(s)
@RomanMRB
Just above it put the rule
Thus, we will cut all traffic from the sixth subnet to the sixth subnet, except for traffic from the sixth to the gateway.
If you need to further restrict all the others except the second, then
To be honest, I haven't tried it, but in theory it should work. Maybe the packet flow diagram experts will correct me
E
etoosamoe, 2019-11-29 @RomanMRB
Let's assume that the user connected via vpn received the address 10.1.6.15, other users also receive addresses from 10.1.6.0\24.
Try to make a rule in a chain
forward, action=drop, src-address=10.1.6.0/24, dst-address=10.1.6.0/24Just above it put the rule
forward, action=accept, src-address=10.1.6.0/24, dst-address=10.1.6.1Thus, we will cut all traffic from the sixth subnet to the sixth subnet, except for traffic from the sixth to the gateway.
If you need to further restrict all the others except the second, then
To be honest, I haven't tried it, but in theory it should work. Maybe the packet flow diagram experts will correct me
Similar questions
L
A
B
E
E
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question