Specific IP routing for VPN

Posted by Roy on Super User See other posts from Super User or by Roy
Published on 2012-03-29T11:24:31Z Indexed on 2012/03/29 11:33 UTC
Read the original article Hit count: 358

Filed under:
|
|

Is there a way that I can prevent an entire subnet from using internal routing. The VPN server is supposed to be a way to access the company's intranet websites for some people, while for others it is supposed to do routing to the outside only and therefore not having access to any internal websites.

The VPN server has a DNS on the actual server but not all should be using this DNS. Some of the users should be directly sent out of the server to the internet.

Example:

10.0.0.1 is the DNS on the server, gateway for the VPN

10.0.0.2 is a user (A) on the VPN having access to the intranet websites (subnet is 10.0.0.0/25)

10.0.0.192 is a user (B) only needing routing and no access to intranet websites (subnet is 10.0.0.192/26)

All traffic of user B should be directly rerouted out of the server.

I have tried several iptables but without success.

© Super User or respective owner

Related posts about vpn

Related posts about centos