Block Network Access (mutual communication) between 2 VPN user on same VPN server but different network

miankamran7100 · August 29, 2023, 12:05pm

I have L2TP VPN on my Mikrotik
I have 2 VPN users
both users have different Network

Client A with IP 192.88.16.2/24
Client B with IP 192.168.110.201/24

I want to Block network access (everything between two users)

Client A with IP 192.88.16.2/24 can’t ping Client B with IP 192.168.110.201/24
and
Client B with IP 192.168.110.201/24 can’t ping Client A with IP 192.88.16.2/24

I have tried the filter rule but it’s not blocking

13 ;;; Remote VPN Blocked to LAN Access
chain=output action=drop dst-address=192.88.16.2 log=no log-prefix="
vpn block.PNG

erlinden · August 29, 2023, 12:31pm

Please work on your basic knowledge mate:
https://en.wikipedia.org/wiki/Private_network

As soon as you know the error AND have adjusted your firewall as requested in one of your other topics…I’m willing to help you gladly.

Larsa · August 29, 2023, 12:44pm

@miankamran7100
Suggestion:

Add both IP addresses to an address list called “Blocked”
create a “forward” rule with the action “drop.” and set the source and destination address lists to “Blocked.”

miankamran7100 · August 29, 2023, 1:02pm

ok sir I will try and let you know

miankamran7100 · August 29, 2023, 4:57pm

I have tried but not working,
please recommend any other way Sir

miankamran7100 · August 29, 2023, 5:03pm

Sir, I have tried many ways.
Please help me in this regard
Thanks

erlinden · August 29, 2023, 5:20pm

https://mikrotik.com/training/

Tommmyz · August 31, 2023, 2:02pm

Sir, I have tried many ways.
Please help me in this regard
Thanks

Paste your config

anav · August 31, 2023, 3:06pm

Easy to do in wireguard ~~