TL-R600VPN Creating a tunnel for Internet access only? [Edit: RESOLVED]

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

2020-05-18 11:31:32 - last edited 2021-04-19 11:10:47
Model: TL-R600VPN  
Hardware Version: V4
Firmware Version: latest

I have successfully configured the R600VPN at home in the UK as a server for Client to Server L2TP.

I can connect to the VPN from various devices and access the internet appearing as if I am at home and also see various devices on my home network 192.168.0.x including the router which is set up as default to 192.168.0.1.

I would now like to set up an additional VPN connection that only provides Internet access and does not expose any of my devices that are on 192.168.0.x to the VPN clients. I'm struggling with this and could use some help.

For the second scenario I've set up a VPN IP POOL of 10.10.10.200 to 10.10.10.220. I use this pool for my second connection and also assign the Local IP Address of 10.10.10.190 for the user connection. I've set up a NATS transmission from 10.10.10.0/24 to the WAN. This second connection works and I can access the internet, however I can still navigate from my 10.10.10.x VPN address to the 192.168.0.x hosts.

Clearly the router is doing its thing and routing between the 2 networks.

How do I prevent any 10.10.10.x VPN client connections being able to see 192.168.0.x whilst retaining the ability to connect to the internet?

I've tried a firewall Block configuration but that hasn't worked.

Any help greatly appreciated.

----------------Edit: Resolved--------

When I created the Firewall Access Control rule I had only selected LAN as the interface to apply the rule on. By changing this setting to apply to ALL interfaces, the VPN client connection can still see the internet but none of the 192.168.0.x hosts (with the exception of the gateway itself).

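The following is an added example, not part of the original post and not TP-Link's firmware logic: a simplified first-match model of an interface-scoped Access Control rule, showing why a block from 10.10.10.0/24 to 192.168.0.0/24 bound only to LAN never matches traffic that enters on the VPN tunnel. The interface label "VPN", the default-allow policy and the probe hosts 192.168.0.50, 192.168.0.20 and 203.0.113.10 are assumptions; traffic addressed to the router itself (the gateway exception noted in the post) is not modelled.

```python
import ipaddress
from dataclasses import dataclass

VPN_POOL = "10.10.10.0/24"    # VPN client subnet from the post
HOME_LAN = "192.168.0.0/24"   # home network from the post


@dataclass(frozen=True)
class Rule:
    interface: str  # ingress interface the rule is bound to, or "ALL"
    src: str        # source network (CIDR)
    dst: str        # destination network (CIDR)
    action: str     # "block" or "allow"


def evaluate(rules, ingress, src_ip, dst_ip, default="allow"):
    """First matching rule wins. A rule is skipped entirely when its
    interface scope does not cover the packet's ingress interface."""
    src = ipaddress.ip_address(src_ip)
    dst = ipaddress.ip_address(dst_ip)
    for rule in rules:
        if rule.interface not in ("ALL", ingress):
            continue  # rule is bound to a different interface
        if src in ipaddress.ip_network(rule.src) and dst in ipaddress.ip_network(rule.dst):
            return rule.action
    return default  # assumed default policy: forward


def block_rule(interface):
    """The single block rule from the post, bound to the given interface."""
    return [Rule(interface, VPN_POOL, HOME_LAN, "block")]


def reachability(rules):
    """Evaluate constructed probe packets: (ingress interface, source, destination)."""
    probes = {
        "vpn_to_lan_host": ("VPN", "10.10.10.200", "192.168.0.50"),
        "vpn_to_internet": ("VPN", "10.10.10.200", "203.0.113.10"),
        "lan_to_internet": ("LAN", "192.168.0.20", "203.0.113.10"),
    }
    return {name: evaluate(rules, *probe) for name, probe in probes.items()}


if __name__ == "__main__":
    for scope in ("LAN", "ALL"):
        print(scope, reachability(block_rule(scope)))
```

After changing the rule on the router, the same three probes can be repeated from a connected VPN client and a LAN host to confirm the live behaviour matches the ALL case.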