EFW Support
Topic: Does anyone know if VPN Routing works in 2.5.1?? (Read 11417 times)
ChiefEngr (Jr. Member, Posts: 2)
« on: Thursday 09 August 2012, 04:58:01 am »
After looking through the forum, I see a lot of people having the same problem I am having -- trying to route traffic between OpenVPN Users and specific zones or servers. Either it doesn't work, or there is some subtle thing we are all doing wrong.
Here's my particular situation:
My goal is to restrict the internal endpoints that each VPN user can access. In some cases, these will be DMZ (Orange) servers, while in other cases, the VPN user will have access to the entire DMZ (Orange) and LAN (Green) networks. VPN users do not need to access the WAN (Red) network through the tunnel.
I've confirmed that OpenVPN is installed and working properly on my EFW system and on a client computer by enabling the OpenVPN server, bridging it to the GREEN Zone, and setting a dynamic IP range in my LAN's subnet. I also created a sample user (user.green) with no Client routing or push configurations set. From an external network, I am able to establish a tunnel and freely access all of the endpoints on my LAN.
For my real application, consider the case of two more users: user.orange and user.restricted. The goal is for:
> user.green to be able to access the entire LAN (Green Zone)
> user.orange to be able to access the entire DMZ (Orange Zone)
> user.restricted to be able to access only ONE specific server (which could be in either the LAN or DMZ)
Here’s what I’ve done (with no success)…
1) Changed the OpenVPN Server configuration to NOT bridged, and assigned a VPN Subnet that is not within any of my internal (LAN or DMZ) subnets.
2) Enabled the VPN Firewall (under Firewall > VPN Traffic).
3) Added a new VPN Firewall Rule:
Source: OpenVPN User “user.green”
Destination: Zone GREEN
Any service or Port
Action: ALLOW
After restarting and establishing the OpenVPN Connection, user.green cannot access anything anywhere.
I have tried fiddling with all sorts of rules, users, routing – all with no joy.
Can anyone point me in the right direction?? Or, can this software simply NOT do what I am trying to accomplish??
Thanks in advance for any assistance anyone can provide.