allow specific source ip for specific user

[cohena]

Hello to all,

How can i allow an acess to a user, from a specific ip and from that ip only?

Thanks in advance for any help.

[cohena]

bump....

[avel]

which OS you are on? You should use firewall to drop connections from others and to accept connections from your specific IP. If your client is on SE VPN client - open for that IP listened ports + port 40000

[cohena]

avel wrote:
> which OS you are on? You should use firewall to drop connections from
> others and to accept connections from your specific IP. If your client is
> on SE VPN client - open for that IP listened ports + port 40000

I am on windows(2008 r2).
It will be dificult to drop all aother connections since it is our main FW which should get(not always allow, but at least get)connections from various sources, that
some i cann not drop.

My client is SE VPN client, but i didnt understood your recomendation, can you expalin it again please?

[avel]

so if this server is your main FW, you should first deny all connections to SE VPN server ports and than allow connection from one IP address. Or look to Access List at SE VPN server if you don't want to do that on your main firewall

[dnobori]

You can specify the client IP address limiting option on the VPN Server configuration.

However, in the current version there are no function to limit each source IP address for each individual user.

[cohena]

dnobori wrote:
> You can specify the client IP address limiting option on the VPN Server
> configuration.
>
Do you mean using the acces list method as avel suggested?
Will a feature like limiting user to specific source ip is considred for near updates?

[dnobori]

I cannot assure that the IP address limiting option per user will be implemented by me in recent future. Currently I have no plan to implement that function.
However, anyone can add such the function you want to SoftEther VPN Server, since SoftEther VPN is an academic open-source project.
https://github.com/SoftEtherVPN/SoftEtherVPN/

There are several contributors for SoftEther VPN Server since the project began, as listed on the https://github.com/SoftEtherVPN/SoftEth ... ntributors page.

If you strongly need your requesting feature, you have three options:
1. Wait until one of the developers will implement the feature which you want.
2. Become a developer to implement the feature which you want.
3. Ask one of the developers to implement the feature which you want.

[cohena]

dnobori wrote:
> I cannot assure that the IP address limiting option per user will be
> implemented by me in recent future. Currently I have no plan to implement
> that function.
> However, anyone can add such the function you want to SoftEther VPN Server,
> since SoftEther VPN is an academic open-source project.
> https://github.com/SoftEtherVPN/SoftEtherVPN/
>
> There are several contributors for SoftEther VPN Server since the project
> began, as listed on the
> https://github.com/SoftEtherVPN/SoftEth ... ntributors page.
>
> If you strongly need your requesting feature, you have three options:
> 1. Wait until one of the developers will implement the feature which you
> want.
> 2. Become a developer to implement the feature which you want.
> 3. Ask one of the developers to implement the feature which you want.


Thank you and avel for your help so far!