Posted: Fri Oct 02, 2015 3:26 Post subject: PPTP Server subnet block?
my primary LAN/WLAN IP is 192.168.1.x where 192.168.1.1 is my router. The same router has a public WAN ip. I setup the PPTP server on ddwrt and have it issueing out 192.168.1.x pptp client IP's and thats all fine. However I have some clients that I am hoping to have it so based on PPTP username I want them to get a 192.168.3.x IP but the important thing is I dont want anything on 192.168.3.x subnet to see anything on any other subnet really only 192.168.1.1 since it has all my lan devices.
how do I configure pptp server to issue 192.168.1.x IPs and 192.168.3.x IPs based on pptp username and make it so the .3 subnet can not see the .1 subnet?
Joined: 28 Jun 2011 Posts: 223 Location: Vilnius, Lithuania
Posted: Fri Oct 02, 2015 15:19 Post subject:
You should use subnetting. Let`s say put a /25 mask on your 192.168.1.x. Then put main clients on first half: 192.168.1.1-127 and pptp clients on other half 192.168.1.128-254. Of course you can do subnets of your liking /26, 27, etc _________________ [Atheros] TP-Link TL-WR842ND v2 revision 27858 (VPN, PPTP server, AD blocking)
[Atheros] TP-Link TL-WR740N v3 revision 27506 (AD blocking)
[Ralink] Asus rt-n10plus C1 revision 27858 (Public AP NAT, QoS, AD blocking)
I was able to get PPTP to work with assigning the correct IPs to PPTP clients such as 192.168.3.x as where the rest of my LAN gets 192.168.1.x IPs.
The issue im having now I guess is setting iptables to block the 192.168.3.x subnet from seeing 192.168.1.x subet (expect inet access) but I want the 192.168.1.x to be able to see the 192.168.3.x subnet. How do I set iptables to do this?