Suppose we are setting up a company VPN, and we would like to establish separate access policies for 3 different classes of users:

- System administrators - full access to all machines on the network.
- Employees - access only to Samba/email server.
- Contractors - access to a special server only.

The basic approach we will take is (a) segregate each user class into its own virtual IP address range, and (b) control access to machines by setting up firewall rules which key off the client's virtual IP address.

In our example, suppose that we have a variable number of employees, but only one system administrator, and two contractors. Our IP allocation approach will be to put all employees into an IP address pool, and then allocate fixed IP addresses for the system administrator and contractors.

Note that one of the prerequisites of this example is that you have a software firewall running on the OpenVPN server machine which gives you the ability to define specific firewall rules. For our example, we will assume the firewall is Linux iptables.

First, let's create a virtual IP address map according to user class:

Class

Next, let's translate this map into an OpenVPN server configuration.
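As an added example (not part of the original page), the script below prints the iptables rules that step (b) describes: one accept rule per user class, keyed on the class's virtual source range, followed by a drop for everything else arriving from the tunnel. The interface name, every address and range, and the function name `emit_rules` are constructed assumptions; the fixed addresses for the administrator and contractors are assumed to be handed out by the OpenVPN server.

```shell
#!/bin/sh
# Added example: prints (does not apply) FORWARD rules for the three classes.
# Every value below is a constructed placeholder, not taken from the page.
VPN_IF="tun0"                   # assumed OpenVPN tunnel interface
LAN_NET="192.168.50.0/24"       # assumed office LAN
SAMBA_MAIL="192.168.50.4"       # assumed Samba/email server
CONTRACTOR_SRV="192.168.50.12"  # assumed special server for contractors

# class|virtual source range|destination the class may reach
CLASS_MAP="employee|10.8.0.0/24|$SAMBA_MAIL
sysadmin|10.8.1.0/24|$LAN_NET
contractor|10.8.2.0/24|$CONTRACTOR_SRV"

emit_rules() {
    # Replies to connections that a class rule below has already allowed.
    echo "iptables -A FORWARD -o $VPN_IF -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    # One accept rule per class, matched on the client's virtual address.
    echo "$CLASS_MAP" | while IFS='|' read -r class src dst; do
        echo "iptables -A FORWARD -i $VPN_IF -s $src -d $dst -m comment --comment vpn-$class -j ACCEPT"
    done
    # Without this, a client outside every class range keeps whatever
    # access the chain's default policy grants.
    echo "iptables -A FORWARD -i $VPN_IF -j DROP"
}

# Dry run: review the output, then run it as root to apply.
emit_rules
```

Because the rules match on source address only, they are only as strong as the binding between a client certificate and the virtual address the server assigns to it.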