Restricting admin access for SpeedFusion VPN clients

Barry_Twycross1250 · March 27, 2025, 9:38pm

I’m just configuring a B20x which will be remote. SpeedFusion VPN is working fine, the local and remote networks see each other.

What I want to do is lock down the admin access on the remote B20x, so only certain clients can log into it. Specifically, anything directly connected to the remote B20x, or specific hosts on my network here, which is on the SpeedFusion VPN network.

The problem is I can’t see any tools in the firewall or elsewhere which can restrict SpeedFusion clients.

Or more generally, the SpeedFusion traffic has no obvious origin that you can point to. (So another question is where is the origin or SpeedFusion traffic, as seen by the B20x?)

There’s also the LAN Connection Access Settings, “Allow this network only”, but that restricts it to a certain VLAN. The SpeedFusion traffic does not seem to be associated with any VLAN. So if I set that, I can’t access the B20x via SpeedFusion.

I tried all the various Firewall Access Rules, and banned the IP network of the SpeedFusion traffic, and none of the options (Outbound, Inbound, Internal, or Local) had any effect on the access to the admin interface.

neterra · August 14, 2025, 2:42pm

Today I just hit on the exactly same problem. I have working speedfusion VPN with FusionHub and few remote branches. HQ is connected to the FusionHub. I would like to allow web admin access of all remote branches only from HQ local subnet via Speedfusion VPN.

I have tried to find some option but didn’t find anything.

I see there are option to limit:
LAN Connection Access Settings
WAN Connection Access Settings

But didnt see Speedfusion Interface anywhere as option to select nor to specify subnet coming not from WAN or LAN.

I will be highly appreciate if someone can help to find fix on this problem.