How can I restrict access to only 1 host on my LAN for VPN?

Forums Network Management VPN How can I restrict access to only 1 host on my LAN for VPN?


Viewing 6 posts - 1 through 6 (of 6 total)
  • Author
  • #44534

    Is it possible to restrict access to only one host on my LAN for the VPN users?
    They only need to use my local Jabber XMPP server in order to voice and video conference and do not need access to any other servers or file shares etc.

    How can I set it up for that on ZS?


    Here is the procedure of restrict access to only 1 host on the LAN for VPN.

    Create a new group-policy that has the split-tunnel with only the host/network I want the VPN user to access. Then create a ACL to only allow network access to what you want. Apply this ACL to the GP with the following command: vpn-filter value (you have to apply this when you are in the GP attributes). Then make a new group-tunnel and tie it back to the new GP. Now you can give this user the new PCF and the user will be locked down to the host / network you specified.

    I hope this guide helps you, If you want to do that with VPN for security so check this Fastest VPN Service list.


    I ended up using netmask.

    Red Arrow

    Is it the same for any VPN client or not? I just found a guide on how to use Tunnelbear and there are no info about such issues there. So if I follow instructions from here, will it be working?

    Habana vee

    You have to set a rule to the IPVanish interface to allow access from VPN clients. For testing use Diagnostic Ping. Try a ping to your LAN host with default source and then change the source to IPVanish read reviews and their compatible devices they support.

    If you don’t get a response from VPN ensure that your host doesn’t block access from IPs outside of its subnet.

    Jennifer Lovell

    Nice to know about this processes, will try it this weekend!!!

Viewing 6 posts - 1 through 6 (of 6 total)
  • You must be logged in to reply to this topic.