SSL VPN - Allow Single Host

Forum|Forum|6 years ago
December 10, 2019
2 replies
7834 views

When I VPN I only want 1 IP allowed on a particular subnet. Is this possible? I tried creating the Address 192.168.1.120/32 and adding that the destination but it does not work.

VPN

Toshi_Esumi

SuperUser

Is it the allowed internal destination to get to from the client side? Or IP pool for the SSL VPN client?

intel233Author

New Member

The 192.168.1.0/24 is not in the destination for the SSL VPN.

Toshi_Esumi

SuperUser

So you configured it under SSL VPN Portals->Source IP Pools (GUI), or config vpn ssl web portal/edit "portal_name"/set ip-pools </32_name> (CLI)? I think it should work.

ShawnZA

New Member

intel233 wrote:
When I VPN I only want 1 IP allowed on a particular subnet. Is this possible? I tried creating the Address 192.168.1.120/32 and adding that the destination but it does not work.

Yes that's normal to lock your VPN down to single IP's ports etc. Who allows everything, that would be crazy!

Is that /32 in a new range that you are using? Has that been specified as a routing address the VPN clients can access under the VPN Portal settings? If not add it there as well or else the new rule will not work....

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded