On Fri, 20 Oct 2023 22:12:18 +0200, Antonio Quartulli <a...@unstable.cc> wrote:
>Hi, > >On 20/10/2023 21:35, Bo Berglund wrote: >> What have I missed? > >Breaking your setup in mysterious ways is not going to help :-) > >As Gert pointed out, what you want to achieve requires configuring the >firewall to prevent access to the LAN subnet. > So you mean using the same service conf file as for the web + LAN operation, but with a different tunnel subnet and different port? That would allow LAN access. Then using IPTABLES blocking sucg LAN access for that tunnel range. I will make some new tests later and see if that is working. I am worried that if the destination happens to be the gateway to the internet, like it would when browsing via the tunnel, will it be allowed??? I will see later, now heading out... -- Bo Berglund Developer in Sweden _______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
