# Tenant Security Rules for VPN Access

For DuploCloud users to access internal resources in a Tenant, such as Hosts or databases, you must add security rules to allow a VPN connection. For details on VPN user access, see [VPN Access for Users](/docs/automation-platform/access-control/user-access-and-permissions/add-and-delete-vpn-access-for-users.md).

{% hint style="info" %}
**Note:** Administrators have persistent access to all Tenants and do not need to add individual Tenant access for themselves.
{% endhint %}

## Adding Tenant Security Rules for a VPN

To define tenant security rules for VPN access:

1. In the DuploCloud Portal, navigate to **Administrators** -> **Tenants.**
2. Select the Tenant in the **NAME** column.
3. Click the **Security** tab.
4. Click **Add**. The **Add Tenant Security** pane displays.<br>

   <div align="left"><figure><img src="/files/ewSnJwnF39MkPfjHJQ7O" alt=""><figcaption><p><strong>Add Tenant Security</strong> pane</p></figcaption></figure></div>
5. Complete the fields to configure the security rule.
   * In the example shown, the rule allows traffic originating from the VPN IP address to access resources that are private or internal to the tenant.
6. Click **Add** to save the rule.

{% hint style="info" %}
If you want to grant some VPN users access while excluding others, add a separate security rule for each user using their individual IP address.
{% endhint %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.duplocloud.com/docs/automation-platform/security-and-compliance/access-control-2/add-tenant-access-over-a-vpn.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.