Messages

Hi,

I posted this in the wrong category by mistake.


I've created a new one here: https://forum.opnsense.org/index.php?topic=36585.0

Hi all!

I have an OPNSense OpenVPN server setup, and I currently have a few VPN servers running on it.

I have realised that users will be able to connect to any VPN server by just editing their config file. However, I'd like certain users to not be able to do that.

Is it possible to restrict which System > Access > user groups access an OpenVPN server?

For example, if a user was in group `vpn-restrict` they would not be able to access three selected servers, but could access the forth by default (no restriction needed for that one).

Thank you all for your help!

Hi all!

I have an OPNSense OpenVPN server setup, and I currently have a few VPN servers running on it.

I have realised that users will be able to connect to any VPN server by just editing their config file. However, I'd like certain users to not be able to do that.

Is it possible to restrict which System > Access > user groups access an OpenVPN server?

For example, if a user was in group `vpn-restrict` they would not be able to access three selected servers, but could access the forth by default (no restriction needed for that one).

Thank you all for your help!

I've got this to work now.
I created an outbound NAT rule to redirect everything using the internal range of the VPN server to be using the virtual IP address

Hello!

I currently have a OpenVPN server configured on OPNSense to allow access to the internal subnets and route all traffic through the VPN. This works great. However, it is currently using the default IP address assigned to the firewall. I'd like for it to use one of the virtual IPs I've assigned to the firewall instead. How would I do this? I cannot see any good way for this to happen.

Thanks!