Page 1 of 1
VPN Restrictions
Posted: Sat Sep 26, 2020 10:05 am
by lnparkin86
Hey All,
Firstly apologies if this has been discussed in another post, but I cant find the info (probably the way I'm wording my searches).
I have a BiPAC 8900AX R2 on the latest firmware and have setup a L2TP/IPSec client VPN which I can connect to just fine externally. My question is, can I restrict VPN users to a specific IP on my internal network i.e. they can only access a certain device?
Thanks In Advance
Re: VPN Restrictions
Posted: Mon Sep 28, 2020 10:15 am
by billion_fan
lnparkin86 wrote: ↑Sat Sep 26, 2020 10:05 am
Hey All,
Firstly apologies if this has been discussed in another post, but I cant find the info (probably the way I'm wording my searches).
I have a BiPAC 8900AX R2 on the latest firmware and have setup a L2TP/IPSec client VPN which I can connect to just fine externally. My question is, can I restrict VPN users to a specific IP on my internal network i.e. they can only access a certain device?
Thanks In Advance
Under VPN >> L2TP Server option there is a 'Exceptional Rule Group' which can be used to limit the allowed public IP's
To add a allowed Exceptional Rule Group rule follow the steps below
1. Click on 'Configuration >> NAT >> Exceptional Rule Group'
2. Click on 'Edit' button for 'Group 1'
3. In the 'IP Address Range' section enter the IP address you want to allow eg 86.48.184.250 and click on 'Add'
4. Set the 'Default Action' to 'Block' and click on 'Apply'
5. The 'Action' for the IP address you just added should now change to 'Allow' which means this IP address is allowed all other IP's are blocked
6. Finally tag Exceptional Rule Group rule to L2TP Server option.
Re: VPN Restrictions
Posted: Mon Sep 28, 2020 10:01 pm
by lnparkin86
Hi Billion Fan,
I gave that a try on the router this evening. It didn’t seem to block access to anything regardless of what ip or ip range I put in.
I even set it to allow all with a block to the specific afresh i previously wanted to allow as a test, but it still allowed me access when connected via vpn.
Any other ideas or am I asking it to do something it cannot do?
Kind Regards
Re: VPN Restrictions
Posted: Tue Sep 29, 2020 9:19 am
by billion_fan
lnparkin86 wrote: ↑Mon Sep 28, 2020 10:01 pm
Hi Billion Fan,
I gave that a try on the router this evening. It didn’t seem to block access to anything regardless of what ip or ip range I put in.
I even set it to allow all with a block to the specific afresh i previously wanted to allow as a test, but it still allowed me access when connected via vpn.
Any other ideas or am I asking it to do something it cannot do?
Kind Regards
What firmware version are you on?
Re: VPN Restrictions
Posted: Tue Sep 29, 2020 1:38 pm
by lnparkin86
Hey,
The router is running on 2.52 d3
Thanks
Re: VPN Restrictions
Posted: Tue Sep 29, 2020 1:56 pm
by billion_fan
lnparkin86 wrote: ↑Tue Sep 29, 2020 1:38 pm
Hey,
The router is running on 2.52 d3
Thanks
Sorry the steps I provided were for a external restrictions via a public IP, not for internal restrictions.
(there is no option for internal restrictions)
Re: VPN Restrictions
Posted: Tue Sep 29, 2020 3:34 pm
by lnparkin86
Thanks for letting me know.
Perhaps one for a future release
