Block Traffic Between VPN Clients

How to: block traffic between VPN clients

OpenVPN Access Server has the option to block traffic between VPN clients on a global scale. With global we mean to say; for all VPN clients. The VPN clients can still access resources they've been given access to, but they won't be able to contact other VPN clients. There is an override available for Administrators and for specific users. The override is explained further on in this document. This tutorial comes with screenshots for every step - just click on the blue line to see the accompanying screenshot for that step.

First open the 'Admin UI' web interface and log in as an administrator. The default user is 'openvpn'."

Click on 'Advanced VPN' in the menu on the left."

If you block traffic here, you can make an exception for Administrators here, or for specific users under 'user permissions'."

Click on 'Save Settings' at the bottom of the page to save the settings."

At the top of the page now click on 'Update Running Server' to commit the changes."

You will receive a confirmation message that the changes have been made. You're done."

Exception: allowing specific users access to other VPN clients

As mentioned above, once traffic between VPN clients is blocked, an exception can be made for Administrators or for specific users. To make an exception for all users with the 'Administrator' attribute you can do so under 'Advanced VPN' as described in the tutorial above. To make an exception for specific users follow the guide below;

First open the 'Admin UI' web interface and log in as an administrator. The default user is 'openvpn'."

Click on 'User Permissions' in the menu on the left to open the user permissions screen."

Find the user in the list that you want to give access to other VPN clients, and click on 'Show'."

Put a checkmark in the checkbox 'all other VPN clients'."