73
edits
Changes
mLine 49:
Line 49: − + Line 58:
Line 58: − + Line 102:
Line 102: − + − Add clients which LAN address You want to have access to, in our case, we add all 3 clients+ − + − + − − Line 125:
Line 123: − + Line 135:
Line 133: − + Line 141:
Line 139: − +
no edit summary
Connect to WebUI and enable Advanced mode
Connect to WebUI and enable Advanced mode
[[File:Networking rutos manual webui basic advanced mode 75.gif|none|thumb|alt=|1000x1000px]]
[[File:Networking rutos manual webui basic advanced mode 75.gif|none|border|center|class=tlt-border]]
Navigate to '''Services -> VPN -> OpenVPN'''
Navigate to '''Services -> VPN -> OpenVPN'''
[[File:OpenVPN server settings v3.png|none|thumb|alt=|1000x1000px]]
[[File:OpenVPN server settings v3.png|none|border|left|class=tlt-border]]
1) Client to client – disabled
1) Client to client – disabled
==TLS Clients==
==TLS Clients==
  1. On the OpenVPN server router, navigate to '''Services -> VPN -> OpenVPN''', Press "'''Edit'''" on the server, scroll down and add TLS clients
  1. On the OpenVPN server router, navigate to '''Services -> VPN -> OpenVPN''', Press "'''Edit'''" on the server, scroll down and add TLS clients and add clients which LAN address You want to have access to, in our case, we add all 3 clients
[[File:TLS Client 1 v2.png|none|border|left|class=tlt-border]]
[[File:TLS Client 2.png|none|border|left|class=tlt-border]]
[[File:TLS Client 1 v2.png|none|thumb|alt=|1000x1000px]]
[[File:TLS Client 3.png|none|border|left|class=tlt-border]]
[[File:TLS Client 2.png|none|thumb|alt=|1000x1000px]]
[[File:TLS Client 3.png|none|thumb|alt=|1000x1000px]]
  Navigate to '''Network -> Firewall -> General settings -> Zones''' and set OpenVPN zone to forward traffic to LAN
  Navigate to '''Network -> Firewall -> General settings -> Zones''' and set OpenVPN zone to forward traffic to LAN
[[File:OpenVPN to LAN zone forward.png|none|thumb|alt=|1000x1000px]]
[[File:OpenVPN to LAN zone forward.png|none|border|left|class=tlt-border]]
  1. Navigate to '''Services -> VPN -> OpenVPN''' press '''"Edit"''' on the OpenVPN client and add routes to other client LAN subnets. In this image, we are editing Client 1's configuration's extra options, to add routes to <b>Client 2's (192.168.20.0/24)</b> and <b>Client 3's (192.168.30.0/24)</b> LAN subnets.
  1. Navigate to '''Services -> VPN -> OpenVPN''' press '''"Edit"''' on the OpenVPN client and add routes to other client LAN subnets. In this image, we are editing Client 1's configuration's extra options, to add routes to <b>Client 2's (192.168.20.0/24)</b> and <b>Client 3's (192.168.30.0/24)</b> LAN subnets.
[[File:OpenVPN client routes.png|none|thumb|alt=|1000x1000px]]
[[File:OpenVPN client routes.png|none|border|left|class=tlt-border]]
=Controlling access with firewall=
=Controlling access with firewall=
Navigate to '''Network -> Firewall -> Access Control''' and create a new deny rule. In this example, we are denying Client 3 from accessing any other clients and their LAN networks
Navigate to '''Network -> Firewall -> Access Control''' and create a new deny rule. In this example, we are denying Client 3 from accessing any other clients and their LAN networks
[[File:Deny Client3 rule v2.png|none|thumb|alt=|1000x1000px]]
[[File:Deny Client3 rule v2.png|none|border|left|class=tlt-border]]
