Hi there everyone,
I have followed the OpenVPN 2.0 howto on the website and set up a routed
VPN. The purpose of this VPN is to put all of the servers I administrate
on it (some can only be accessed through the VPN since they are inside
networks where the admins refuse to forward ports), for the occasional
login, pings for status checkups with nagios, et cetera.
I have enabled the "client-to-client" option in the server's
configuration file, so all clients can access all clients. However, this
is not how I want it. This is an example of the setup (star topology):
    Desktop         Laptop
           \       /
           VPN Server
         /    |    |    \
     Box1   Box2  Box3   Box4
I'd like Desktop, Laptop and the VPN Server to have access to any of the VPN
clients and the VPN server.
I'd like Box1 .. Box4 to be able to talk to the VPN Server and vice versa,
but not have access to any other client in the VPN. In other words, Box1
must not be able to connect to Box2 and so forth.
A better way of explaining might be this:
For Box1 to Box4, I'd like the VPN to behave as if "client-to-client" is
not enabled.
For Desktop and Laptop, I'd like the VPN to behave as if "client-to-client"
is enabled.
Unfortunately I have no idea how to accomplish this at all. Is this a
firewall, routing or configuration issue? I'd prefer to have this
access policy controlled from the server.
Can anyone please point me in the right direction?
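One way to enforce this from the server, shown here as an added example that is not from the original post or the OpenVPN project: remove `client-to-client` so inter-client packets are handed to the kernel, pin each client to a fixed VPN address with `client-config-dir` / `ifconfig-push`, and filter the `tun0`-to-`tun0` FORWARD path with iptables. The subnet, device name, client addresses and chain name below are assumptions.

```bash
#!/bin/sh
# Added example: admin clients may reach every client, Box clients only the server.
# Assumed (not from the post): server subnet 10.8.0.0/24 on tun0; Desktop and
# Laptop pinned to 10.8.0.10 and 10.8.0.14 with client-config-dir files such as
#   ccd/Desktop:  ifconfig-push 10.8.0.10 10.8.0.9   (net30 pair, 2.0 default)
# Box1..Box4 get their own fixed pairs the same way. "client-to-client" must be
# removed from server.conf, otherwise OpenVPN switches packets between clients
# internally and the kernel firewall never sees them.
TUN=tun0
ADMINS="10.8.0.10 10.8.0.14"   # Desktop, Laptop

# Emit the iptables commands instead of running them, so the policy can be
# reviewed first or piped to sh by apply_rules.
build_rules() {
    printf 'sysctl -w net.ipv4.ip_forward=1\n'
    # Dedicated chain for VPN-internal (tun0 -> tun0) forwarding.
    printf 'iptables -N VPN_C2C 2>/dev/null\n'
    printf 'iptables -F VPN_C2C\n'
    printf 'iptables -D FORWARD -i %s -o %s -j VPN_C2C 2>/dev/null\n' "$TUN" "$TUN"
    printf 'iptables -I FORWARD -i %s -o %s -j VPN_C2C\n' "$TUN" "$TUN"
    # Replies to connections the admin clients opened must flow back from the boxes.
    printf 'iptables -A VPN_C2C -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT\n'
    # Desktop and Laptop may open connections to any other client.
    for a in $ADMINS; do
        printf 'iptables -A VPN_C2C -s %s -j ACCEPT\n' "$a"
    done
    # Anything else between clients (Box1 -> Box2, ...) is logged and dropped.
    printf 'iptables -A VPN_C2C -j LOG --log-prefix "vpn-c2c-drop: "\n'
    printf 'iptables -A VPN_C2C -j DROP\n'
}

# Traffic to the server's own VPN address goes through INPUT, not FORWARD, so
# Box1..Box4 keep reaching the VPN server for logins and nagios checks.
apply_rules() { build_rules | sh; }

# Helper for checking the generated policy: number of ACCEPT rules.
count_accepts() { build_rules | grep -c -- '-j ACCEPT'; }
```

Run `build_rules` first to inspect the commands, then `apply_rules` as root on the VPN server.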