Tutorial: Block Traffic Between VPN Clients

Abstract

Control access between VPN clients connected to your server with Access Server's access controls.

Overview

Access Server has the option to block traffic between VPN clients globally, that is, between all VPN clients. End users and client devices can still access resources you grant them access to on the virtual network, but they can't contact other VPN clients.

Administrators and specific users have an override, explained further in this document.

Prerequisites

An installed Access Server.
Configured user accounts.

Step 1: Turn off inter-client communication

Sign in to the Admin Web UI.
Click Configuration > Advanced VPN.
Under Inter-Client Communication, set Should clients be able to communicate with each other on the VPN IP Network? to Yes.
Click Save Settings and Update Running Server.

Step 2: Allow administrator accounts to access VPN users

From the Advanced VPN page in step 1, under Inter-Client Communication, set Allow VPN users with Administrator privilege to access all VPN client IP addresses to Yes.
Click Save Settings and Update Running Server.

Step 3: Allow specific users access to other VPN clients

Sign in to the Admin Web UI.
Click User Management > User Permissions.
Click More Settings for the desired user.
Click the checkbox for Allow Access From all other VPN clients.
Click Save Settings and Update Running Server.
- The specific user now has access to other VPN clients.

In this section: