Answer the question
In order to leave comments, you need to log in
R
R
rukipalki2017-01-25 23:52:12
rukipalki, 2017-01-25 23:52:12
VPN client inside the network should see only 1 ip address, how?
Good afternoon!
There is such a solution, through windows 2008 a VPN client gets into the network, it is always assigned a static address 192.168.1.170, it is necessary that he sees only 1 resource 192.168.1.195 inside the network. The network is built on Mikrotik. How can this be implemented?
Thank you!
2 answer(s)
@moneron89
@Belyj
A
Alexander Romanov, 2017-01-26 @moneron89
If stupidly on the forehead - then like this:
With this rule, you will deny the client access to everything except the address of this resource. If the client is Windows, then it will also not be able to go to the Internet at this moment, because it prescribes vpn as the default gateway for itself. Then you can also add out-interface = to the rule! ether1-wan , this should help. Do not forget to change the interface name to the actual one for your router.
V
Viktor Belsky, 2017-01-26 @Belyj
ip firewall filter
add chain=forward src-address="192.168.1.170" dst-address="192.168.1.195" action=accept
add chain=forward src-address="192.168.1.170" action=drop
Similar questions
A
S
S
E
R
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question