Topic: OpenVPN Server to VLAN rule

joelones
OpenVPN Server to VLAN rule
« on: February 02, 2018, 11:23:49 am »
I'd like to give access to a particular VLAN (VLAN 10, 192.168.10.0/24) from connections on the OpenVPN server (10.0.8.0/24).

I have the default rule as attached below. Shouldn't that be enough for communication to the VLAN? Yet it does not work.

EDIT: I just realized that there's an "IPv4 Local network" allowable networks field in the server configuration. Is that it?
« Last Edit: February 02, 2018, 12:49:51 pm by joelones »

viragomann
Re: OpenVPN Server to VLAN rule
« Reply #1 on: February 02, 2018, 02:11:28 pm »
Quote: EDIT: I just realized that there's an "IPv4 Local network" allowable networks field in the server configuration. Is that it?

Yes, you have to enter the VLAN 10 network, 192.168.10.0/24, into the "IPv4 Local network" box.

However, this field is not for allowing access; it's just for pushing routes for the networks entered to the client. To block access from VPN clients to other networks, you should restrict the firewall rule on the OpenVPN interface to allow access only to VLAN 10.
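
The distinction drawn in the reply above, as an added example that is not part of the original thread: a simplified first-match model of the OpenVPN interface rules next to the client's routing table. The pass-any shape of the default rule, the 192.168.20.0/24 network and all host addresses are assumptions constructed for illustration.

```python
import ipaddress as ip

VPN_NET = ip.ip_network("10.0.8.0/24")        # OpenVPN tunnel network (from the thread)
VLAN10 = ip.ip_network("192.168.10.0/24")     # VLAN 10 (from the thread)
OTHER_NET = ip.ip_network("192.168.20.0/24")  # constructed: another internal network
ANY = ip.ip_network("0.0.0.0/0")

# Rules on the OpenVPN interface as (action, source, destination).
# Simplified model: first match wins, no match falls through to the implicit deny.
DEFAULT_RULES = [("pass", ANY, ANY)]            # assumed shape of the default rule
RESTRICTED_RULES = [("pass", VPN_NET, VLAN10)]  # the restriction suggested in the reply

def firewall_allows(rules, src, dst):
    """Server side: does the OpenVPN interface rule set pass src -> dst?"""
    for action, src_net, dst_net in rules:
        if src in src_net and dst in dst_net:
            return action == "pass"
    return False

def client_routes_into_tunnel(routes, dst):
    """Client side: is there a route that sends dst through the VPN?"""
    return any(dst in net for net in routes)

def reachable(rules, routes, src, dst):
    return client_routes_into_tunnel(routes, dst) and firewall_allows(rules, src, dst)

def report():
    client = ip.ip_address("10.0.8.2")          # constructed VPN client address
    vlan_host = ip.ip_address("192.168.10.5")   # constructed host in VLAN 10
    other_host = ip.ip_address("192.168.20.5")  # constructed host outside VLAN 10
    pushed = [VLAN10]            # "IPv4 Local network" set to 192.168.10.0/24
    wider = [VLAN10, OTHER_NET]  # client routing table that also covers OTHER_NET
    return {
        "default rule, no route pushed, to VLAN 10": reachable(DEFAULT_RULES, [], client, vlan_host),
        "default rule, route pushed, to VLAN 10": reachable(DEFAULT_RULES, pushed, client, vlan_host),
        "default rule, wider routes, to other net": reachable(DEFAULT_RULES, wider, client, other_host),
        "restricted rule, route pushed, to VLAN 10": reachable(RESTRICTED_RULES, pushed, client, vlan_host),
        "restricted rule, wider routes, to other net": reachable(RESTRICTED_RULES, wider, client, other_host),
    }

if __name__ == "__main__":
    for case, ok in report().items():
        print(f"{case}: {'reachable' if ok else 'not reachable'}")
```

Only the rule set changes the outcome for the other network; the pushed route decides whether traffic enters the tunnel at all, which is why the original rule alone did not give access to VLAN 10.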