PPTP VPN Restrict Internal Traffic

D

darkmoo

Is there a way in RRAS for Windows 2003 to restrict internal traffic for a
VPN user. ie. User one connects & should only have connectivity to one
target IP within LAN?
 
J

Janani Vasudevan [MSFT]

You can do this by using 'Remote access policies'. Follow the below steps
for this:
1) Create a user group say "GRP1" and add the user for whom you want to
restrict access say"User1" to this group. (We need to do this because we can
specify only user groups in the conditions of the remote access policy and
cannot specify the user itself.)
2) Now create a remote access policy with conditions saying "User group
matches 'GRP1'"
3) In the Profile of this remote access policy, in the IP tab under "IP
filters" select the inbound/outbound filters that you want to be applied for
this particular user group and hence user.

Let me know if you need more clarifications
--
Janani Vasudevan [MSFT]
Software Design Engineer/Test
RRAS, Windows Enterprise Networking

http://blogs.msdn.com/jananiv

RRAS blog: http://blogs.technet.com/rrasblog

[This posting is provided "AS IS" with no warranties, and confers no
rights.]
 
R

Robert L [MVP - Networking]

Janani,

Thank you for the tip.

Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
You can do this by using 'Remote access policies'. Follow the below steps
for this:
1) Create a user group say "GRP1" and add the user for whom you want to
restrict access say"User1" to this group. (We need to do this because we can
specify only user groups in the conditions of the remote access policy and
cannot specify the user itself.)
2) Now create a remote access policy with conditions saying "User group
matches 'GRP1'"
3) In the Profile of this remote access policy, in the IP tab under "IP
filters" select the inbound/outbound filters that you want to be applied for
this particular user group and hence user.

Let me know if you need more clarifications
--
Janani Vasudevan [MSFT]
Software Design Engineer/Test
RRAS, Windows Enterprise Networking

http://blogs.msdn.com/jananiv

RRAS blog: http://blogs.technet.com/rrasblog

[This posting is provided "AS IS" with no warranties, and confers no
rights.]
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

VPN Routing Problems...Cannot route from server side to client sid 3
VPN connects, Unable to ping anything but the VPN server 7
VPN restrictions 2
VPN access to LAN using RRAS on W2K *behind* firewall? 6
PPTP Ports Missing 1
Help with Site-to-site VPN using 2k3 RRAS 2
Windows 2003 vpn server with no firewall...safe? 3
Change IP Pool in RRAS 13

Top