Community discussions

MikroTik App
 
ctello
just joined
Topic Author
Posts: 1
Joined: Mon Nov 12, 2018 7:59 pm

OVPN without changing PUBLIC IP (Access to LAN resources only)

Tue May 19, 2020 5:28 am

Hello friends. I have an RB2011 router with two internet connections.
WAN1 = 180.1.1.1
WAN2 = 200.2.2.2

LAN = 10.0.0.1/24

VPN_POOL = 192.168.0.1/24 OVPN with certificate working correctly NAT mapping with WAN 1 and WAN2 to RDP all good.
When a client connects to the Mikrotik through OPVN, his PUBLIC IP changes and accesses all the resources of my LAN correctly.

The problem I have is that when this happens all the client's navigation goes through my router and consumes my bandwidth through my IP, I just want it to access LAN resources and navigate with its PUBLIC IP.

If the client accesses YouTube / Google / Netflix / Etc. use your bandwidth without going through my ROUTER.

If the client accesses 10.0.0.0/24 use the VPN.

Any suggestion.
Thank you very much for your support.
 
User avatar
mutluit
Long time Member
Long time Member
Posts: 505
Joined: Wed Mar 25, 2020 4:04 am

Re: OVPN without changing PUBLIC IP (Access to LAN resources only)

Wed May 20, 2020 10:12 pm

The firewall is your friend :-) You can limit/restrict/block his access there.
Check also the routing.
And: normally he has to set the routing appropriately on his machine.
See also https://superuser.com/questions/1112515 ... n-mikrotik :
... Add a filter rule in Mikrotik Firewall that allows traffic from VPN IP address of your consultant to the specified PC. Then add a filter rule which denies any access from consultant's VPN IP address to anywhere.
Consultant's VPN IP address is the IP address which Mirotik gives to VPN connection of your consultant. You can configure VPN server to give a specific IP address to a specific VPN username and password.

Who is online

Users browsing this forum: amt and 35 guests