Anybus Defender 4000 Series and up, with DPI or PRO licenses.
Two OpenVPN servers, one with the users and one with the devices.
Anybus Defender 2.5.2-2025111723
Note: This will only work if the user is on a different OpenVPN server from the devices.
After creating the servers and the users you should add a static IP to the devices, go to VPN -> OpenVPN -> Client Specific Overrides -> +Add
In “Server List” select the server that the user you are adding is on.
In “Common Name” write the name of the user you are adding.
Furthers down you will see “Advanced”, in this square write
“ifconfig-push 172.25.110.7 255.255.255.0"
“172.25.110” is the Tunnel-IP and “.7” is the unique IP for the user/device.
Under Firewall -> Template Rules -> Rules go to the OpenVPN tab and create a rule that looks like this:
Action: Block
Interface: OpenVPN
Protocol: Any
Destination: Configured IP of Device “172.25.110.7” in this case.
Under Firewall -> Template Rules -> Rules go to the OpenVPN tab and create a rule that looks like this:
Action: Block
Interface: OpenVPN
Protocol: Any
Destination: Real IP of Device “10.10.10.5” in this case.
After the rules have been created go to Firewall -> Template Rules -> Templates, press “Add New Template”.
Add a name and description and under “Rules” select the rule you made, if you need to add more rules press “+ Add another entry”.
After that go to System -> User Manager and then edit the user that should not have access to the device.
Select the Rule and then press “>> Move to “Apply Template” list” and then save.
After that we must go to Interfaces -> Assignments and add the servers to the interfaces. Check “Available network ports:” and in the list the servers will be named ovpns1 () and ovpns2 ()
They will be named OPT# (number depending on your interfaces) click the name and you can enable the interface and change the name
Do this for all servers.
If you are logged in as the user you will need to reconnect otherwise the rules wont be applied.
