Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 5 replies
  • Answers 1 answer
  • Subscribers 26 subscribers
  • Views 3323 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

MAC-ADDRESS binding for SSL-VPN user

Muhammad Tusher

Hello

I am trying bind mac address for ssl-vpn user. but it is not working.

What is the way to bind mac address for laptop user who will connect to office network over ssl-vpn?

I have added an user in sophos xg version 18  and MAC Binding=enabled  and then add the mac

But not working.

Any suggestion

Thanks

Muhamamd



This thread was automatically locked due to age.
Parents
  • 0

    Hello Muhammad,

    Thank you for contacting the Sophos Community!

    MAC Binding for SSL VPN client is not supported.

    Regards,

  • 0 in reply to emmosophos

    Hi Emmanuel,

    Thank you.

    But is there any alternate way to restrict some our corporate client who are basically marketing and sales department using company's laptop.

    we want these users can connect to company's network over ssl-vpn to access all service only from the laptop, But when they try to connect from their personal device by sophos client then they only use Remote desktop service  and we have a RDP firewall rule using split tunnel.

    If we want to implement this how can we do that?

    we are using Sophos XG Firewall Version 18.

    Thanks

    Muhammad

  • 0 in reply to Muhammad Tusher

    Hello Muhammad,

    Thank you for the follow-up!

    This is not possible using the SSL VPN. I would recommend you to set a policy published by your company restricting access to only company-approved devices.

    I didn't understand the second part about their personal device and Sophos Client and Remote desktop, please clarify.

    Regards,

  • 0 in reply to emmosophos

    Hi

    1 st part : ssl-vpn to company network from company's provided laptop.

    2nd part: they can access from their personal computer by ssl-vpn( same user credentials) to corporate network but this time can access only remote Desktop service.

    thanks

    Muhamamd

Reply Children
  • 0 in reply to Muhammad Tusher

    Hello Muhammad,

    I think in your scenario, it would be to have the users use SSLVPN in one computer and use Sophos Connect Client on the other one, and create Firewall rules based on the Range of IPs of the SSL VPN and the Sophos Connect, and restrict the access to the resources or services based on the same. 

    Regards,