--- Quoting Daniel Eyholzer on 2005/08/17 at 15:58 +0200: > I have tried to change Network and Netmask in the [default-route] section > from 0.0.0.0 to the network and netmask of one of the vlan subnetworks, but > it does not help. I can still connect to the other subnet if I define them > in the client. Anyone knows how I can restrict access to only one of the > vlan subnets?
I don't know why those changes aren't working, however, have you tried: - setting a policy via isakmpd.policy that restricts 'remote_filter' - blocking traffic using pf .joel