Community discussions

 
drfunk89
newbie
Topic Author
Posts: 33
Joined: Fri Nov 20, 2009 6:17 pm
Contact:

Limit PPTP user to only see a range of IP's

Tue Mar 23, 2010 2:05 pm

MT forum can you help me please, i have the idea of what i need to do but putting it into a firewall rule is a little more tricky!
I basically want to limit PPTP user "John Smith", when he VPNs into our network, that he will only be alllowed to ping/"see" a certain range of addresses or even one or two, does this sound possible?
It doesnt matter what address he assigned just what he can "see"...
Thanks in advance!
 
User avatar
NAB
Trainer
Trainer
Posts: 503
Joined: Tue Feb 10, 2009 4:08 pm
Location: UK
Contact:

Re: Limit PPTP user to only see a range of IP's

Tue Mar 23, 2010 4:09 pm

In the PPP profile settings, add a value for incoming and outgoing filters for any user of that profile. This creates two jump rules in the 'ppp' chain for traffic to and from the appropriate interfaces, then make sure that traffic passes through the 'ppp' chain and create chains named as per the incoming and outgoing filters you created. Then use the firewall filter rules in those chains to limit which IP addresses the client may access.
Nicholas Barnes BSc(hons)
Certified Mikrotik Consultant
Certified Mikrotik Trainer

Vitell - Asterisk, Linux and network consultants
Unofficial IRC channel: #routerboard on irc.z.je
 
drfunk89
newbie
Topic Author
Posts: 33
Joined: Fri Nov 20, 2009 6:17 pm
Contact:

Re: Limit PPTP user to only see a range of IP's

Tue Mar 23, 2010 4:12 pm

That sounds very good but complicated for a beginner!
could you elaborate on your last point please, creating the filter rules......how do you specify IP addresses they can see?

Who is online

Users browsing this forum: MSN [Bot] and 107 guests