Author Topic: 3.3 OpenVPN + firewall  (Read 2015 times)

logdog

3.3 OpenVPN + firewall
« on: January 08, 2014, 03:32:03 pm »
Hi all,

I cannot block access from 192.168.160.2 to the terminal server 10.0.0.4.
I need 192.168.160.2 to be blocked and 192.168.160.4 to be allowed.

Network diagram
http://floomby.ru/s1/xWWtm4

Configuration VPN
http://floomby.ru/s1/HWW8dU
http://floomby.ru/s1/aWW8d2

Firewall - Filtering rules for internal networks
vpn.jpg

Is this a bug or my fault?

PS: sorry for my English.
« Last Edit: March 15, 2014, 07:48:55 pm by logdog »

logdog

Re: 3.3 OpenVPN + firewall
« Reply #1 on: March 15, 2014, 07:53:02 pm »
up (

ismaelnoble

Re: 3.3 OpenVPN + firewall
« Reply #2 on: March 16, 2014, 01:29:14 am »
So having a firewall rule 'deny 192.168.160.2 all to 10.0.0.4' does not work... If you really need to block access to a VPNed system but not another on the same network, that sounds like an inefficient way to do things. Maybe you should have 2 VPN servers running on the Zentyal. One can have access to your terminal server and the other does not.

logdog

Re: 3.3 OpenVPN + firewall
« Reply #3 on: March 16, 2014, 09:46:42 am »
"Maybe you should have 2 VPN servers"

If I need to block access to the domain server 10.0.0.6, that is 3 VPN servers; something else to block, n VPN servers...
I think it is wrong to create so many VPN servers, but even if I create the VPN servers, how do I allow access to 10.0.0.4 with only 1 port blocked (10.0.0.4:3389)?
« Last Edit: March 16, 2014, 09:50:40 am by logdog »