[RESOLVED]Access list block IP

[texas_72]

Good morning,
I installed the latest version of softether server on my raspberry, i enabled SecureNAT and works very well.
Now I wanted to block the following ip, in my network, for the admin user:
192.168.1.40
192.168.1.41
192.168.1.42
How can I do?
I searched the forum, but I could not figure out how.
I did some tests but passes all traffic.

Thanks a lot

[raafat]

It's easy (:, provide us more info so that i can figure out what you need exactly (:


Good luck

[texas_72]

raafat wrote:
> It's easy (:, provide us more info so that i can figure out what you need
> exactly (:
>
>
> Good luck

Many thanks Raafat
At home I have a network with softether server installed on raspberry.
In this network i have different IP connected devices.
I need that the followings ip of my home network:
192.168.1.40
192.168.1.41
192.168.1.42
are not accessible, from external clients vpn.
Example :
If I connect, from my office to my home, I do not want them to be accessible ipxxx.xxx.xxx.40,41,42.

Sorry for my English.

Many thanks

[texas_72]

Please can help me.
Thanks

[texas_72]

Use the Virtual DHCP Server (SecureNAT).

I solved the problem with the following rules.

Discard all connections priorities in 1000;
Pass DHCP connection DstIpv4 = 255.255.255.255 SrcIpv4=0.0.0.0 Protocol=UDP Port=67-68 priority 200;
Pass Protocol=TCP Established priority 199;
Pass my ip example DstIpv4 = 192.168.1.xx, Protocol=TCP DstPort=80 priority 198;

I have seen that with the rules enabled the connection is slower.

I disabled IpRawModeSecureNat and now works well.

[mbrcomp]

Don't the block connection with priority 1000 overcomes all previous rules ? Please see my post http://www.vpnusers.com/viewtopic.php?f=7&t=5369