
SSL-VPN

Hello everyone!

I have to prevent my company users from logging in through multiple machines with SSL-VPN. I tried to use MAC Binding but it didn't work ("MAC Binding option is only supported with client base SSO. SSL VPN client, Captive Portal and Client Authentication Agent (CAA) is not supported.")

With this information, how can I force my users to use only the company notebook to connect to the VPN?



This thread was automatically locked due to age.
  • Aline,

    In order to force your users to connect to your corporate, you could use a NAC product or you can even use Sophos Heartbeat. Using Sophos HB, if the remote computer does not have Sophos installed in a healthy status, the computer does not have any permissions to access internal resources.

    Regards

  • Hi,

    I have been trying to restrict access to internal resources when connected to SSL VPN by enabling HB on the XG firewall rule. However, whenever I enable the option "Minimum Source HB permitted" (either yellow or green status), no restrictions take effect, i.e. I can still access internal resources.

    When I enable the option "Block clients with no heartbeat", all access to internal resources is denied.

    I am testing this from a remote machine (at home) that has Sophos Endpoint installed. I can also see that the endpoint has a live status/checked into the Sophos Central. However this endpoint does not show up on the XG firewall Heartbeat widget.

    Have you managed or heard of anyone getting this scenario to work?

    Thanks,

  • Were you able to get this working? I am seeing the same thing. It is almost like the heartbeat does not transfer over the SSL VPN.
