Hello Peter,
In my humble opinion, though I may be wrong, this isn't really OpenVPN's
role, in fact. Beside the VPN, you should have some kind of network
configuration limiting the accessibility of your internal servers (for
example via iptables or something built upon it).
Of course, via the OpenVPN directive "push" you can specify routes, and
one could think in the first place that it could be sufficient to only
specify the routes (and/or IP addresses) the clients are allowed to
connect to, but it is not the case, as it is still possible for an
OpenVPN client to locally add routes even if those routes have not been
pushed by the server. Hence it cannot serve as an efficient security
measure.
Regards,
Bruno
Le 03/11/2024 à 17:59, Peter Davis via Openvpn-users a écrit :
Hello,
I have an OpenVPN server that I use to share the internet. Users
connect to this server and use its internet. When a user connects to
the OpenVPN server, he\she can ping the IP addresses of other servers
on the network. How can I create a restriction?
Thank you.
_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users
_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users
