Restrict VPN user to access one network device (Draytek)

I needed a remote user to be able to access a server (with admin rights) but nothing else on the LAN. Without getting into detail, using VLANs (tagged or otherwise) wasn’t an option, so I needed a simple solution. Using the existing Draytek router, I created a ‘remote dial-in user’ account and gave the connection a specific internal IP address. Then, in the router's firewall rules, I configured two entries so that this specific address could only access the one internal address; all others were blocked, as per this Draytek KB article.
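As an added illustration (not from the original post or from Draytek's documentation), this Python model evaluates the two-entry rule set and shows why both the order of the entries and the second block entry matter. The addresses, the first-match evaluation and the default-pass policy are assumptions made for the example; confirm how the actual router's filter evaluates rules.

```python
import ipaddress
from typing import NamedTuple

class Rule(NamedTuple):
    action: str   # "pass" or "block"
    src: str      # source network in CIDR form
    dst: str      # destination network in CIDR form

# Constructed addresses (assumptions, not taken from the post).
VPN_IP = "192.168.1.250"   # fixed internal IP given to the dial-in user
SERVER = "192.168.1.10"    # the one host the user is allowed to reach
LAN = "192.168.1.0/24"

def decide(rules, src, dst, default="pass"):
    """First matching rule wins; unmatched traffic gets the default (assumed pass)."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for r in rules:
        if s in ipaddress.ip_network(r.src) and d in ipaddress.ip_network(r.dst):
            return r.action
    return default

def reachable(rules, src=VPN_IP, lan=LAN):
    """Every LAN host the source may reach under this rule set."""
    return [str(h) for h in ipaddress.ip_network(lan).hosts()
            if str(h) != src and decide(rules, src, str(h)) == "pass"]

allow = Rule("pass", VPN_IP + "/32", SERVER + "/32")
block = Rule("block", VPN_IP + "/32", "0.0.0.0/0")

intended = [allow, block]        # allow the server, then block everything else
reversed_order = [block, allow]  # block matches first, so the server is cut off too
allow_only = [allow]             # no block entry: the default still exposes the LAN

if __name__ == "__main__":
    for name, rs in [("intended", intended), ("reversed", reversed_order),
                     ("allow only", allow_only)]:
        hosts = reachable(rs)
        print(f"{name}: {len(hosts)} reachable host(s), first few: {hosts[:3]}")
```

After applying the real rules, the same matrix can be checked from the VPN client by testing the server and a sample of other LAN addresses.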
