lnparkin86 wrote: ↑Sat Sep 26, 2020 10:05 am
Hey All,
Firstly apologies if this has been discussed in another post, but I cant find the info (probably the way I'm wording my searches).
I have a BiPAC 8900AX R2 on the latest firmware and have setup a L2TP/IPSec client VPN which I can connect to just fine externally. My question is, can I restrict VPN users to a specific IP on my internal network i.e. they can only access a certain device?
Thanks In Advance
Under VPN >> L2TP Server option there is a 'Exceptional Rule Group' which can be used to limit the allowed public IP's
To add a allowed Exceptional Rule Group rule follow the steps below
1. Click on 'Configuration >> NAT >> Exceptional Rule Group'
2. Click on 'Edit' button for 'Group 1'
3. In the 'IP Address Range' section enter the IP address you want to allow eg 86.48.184.250 and click on 'Add'
4. Set the 'Default Action' to 'Block' and click on 'Apply'
5. The 'Action' for the IP address you just added should now change to 'Allow' which means this IP address is allowed all other IP's are blocked
6. Finally tag Exceptional Rule Group rule to L2TP Server option.
