It occurred to me that we could look to assign static IP addresses to VPN clients, but from what I can find online these can only be assigned to user accounts rather than MAC addresses.Īs well as this, even if I can figure out a way to assign static IPs, I'm not sure how to make these work in the whitelist - currently if I try to enter a normal OpenVPN address like 10.8.0.2 to the whitelist, the router is telling me this is outside the router LAN address range (presumably I can add this somehow but I haven't figured out how yet). However, I cannot figure out a way to make this work with OpenVPN. That's easy - we can simply use the strict bind feature of the router to prevent random connections. We have a need to lock down our internal network for client reasons - so the desired outcome is that only whitelisted hardware/MAC addresses can connect to our network via our Draytek 2925 router.
Our business is currently running a VPN using OpenVPN on a server we host ourselves.
