Author Topic: Limit VPN connection to an external IP

DiegoS

Limit VPN connection to an external IP
« on: November 24, 2015, 09:55:37 am »
Hi everyone.

Is there any way to limit the VPN module to only allow connections from a particular external IP? I have not seen anything in the connection settings.

Nor have I managed to deny connections from an IP to the VPN server using firewall rules, neither external to Zentyal nor Zentyal to external. It seems as if the VPN server bypasses the firewall rules.

Any ideas?

Regards

jbahillo

  • Zentyal Staff
Re: Limit VPN connection to an external IP
« Reply #1 on: November 24, 2015, 04:15:48 pm »
Hello:

If you deny external connections to port 1194, that should do the job. I have not tested it, but if this is not working for you, check kern.log and use iptables debugging to check why your rule is not matching that kind of traffic.

DiegoS

Re: Limit VPN connection to an external IP
« Reply #2 on: November 24, 2015, 04:51:59 pm »
I've already created an external rule to DENY connections from an external IP to "All Ports",
but I can connect to my VPN server from this IP.

Looking at the firewall logs and kern.log, I can't see any notification of incoming connections from this IP to my Zentyal server.
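
An added example, not part of the thread or of Zentyal's code: one way to carry out the rule-matching check suggested in Reply #1 is to walk a saved ruleset in first-match order and see which rule actually decides a packet. The ruleset, the chain names (`vpn-services`, `user-rules`) and the address 203.0.113.7 are constructed, and the ordering shown (a service ACCEPT evaluated before the user's DROP) is an assumption about one possible cause, not a confirmed description of this server.

```python
import ipaddress

# Constructed iptables-save sample; chain names and 203.0.113.7 are hypothetical.
SAMPLE = """\
*filter
:INPUT DROP [0:0]
:vpn-services - [0:0]
:user-rules - [0:0]
-A INPUT -j vpn-services
-A INPUT -j user-rules
-A vpn-services -p udp -m udp --dport 1194 -j ACCEPT
-A user-rules -s 203.0.113.7/32 -j DROP
COMMIT
"""
PACKET = {"src": "203.0.113.7", "proto": "udp", "dport": 1194}

def parse(text):
    """Return ({chain: [rule, ...]}, {chain: policy}); handles plain option/value pairs only."""
    chains, policy = {}, {}
    for line in text.splitlines():
        if line.startswith(":"):
            name, pol = line[1:].split()[:2]
            chains[name], policy[name] = [], pol
        elif line.startswith("-A "):
            tok = line.split()
            chains[tok[1]].append(dict(zip(tok[2::2], tok[3::2])))
    return chains, policy

def matches(rule, pkt):
    """True when every criterion present in the rule agrees with the packet."""
    src = ipaddress.ip_address(pkt["src"])
    return (("-s" not in rule or src in ipaddress.ip_network(rule["-s"]))
            and rule.get("-p", pkt["proto"]) == pkt["proto"]
            and int(rule.get("--dport", pkt["dport"])) == pkt["dport"])

def verdict(chains, policy, pkt, chain="INPUT"):
    """First-match walk: return (target, chain, rule) for the rule that decides the packet."""
    for rule in chains[chain]:
        target = rule.get("-j")
        if not matches(rule, pkt):
            continue
        if target in chains:  # jump into a user-defined chain
            hit = verdict(chains, policy, pkt, target)
            if hit:
                return hit
        elif target in ("ACCEPT", "DROP", "REJECT"):
            return target, chain, rule
    return (policy[chain], chain, None) if policy[chain] != "-" else None

if __name__ == "__main__":
    print(verdict(*parse(SAMPLE), PACKET))
```

On a real host, the text passed to `parse()` would be the output of `iptables-save`; rules with negation or quoted comments need a fuller parser than this one.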