Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 26 subscribers
  • Views 4814 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SSL-VPN Mac Binding

SophosNewby

Does Mac Binding not work if you are using a split tunnel?



This thread was automatically locked due to age.
  • 0

    So my initial problem was not being to use Mac Binding for my SSL-VPN clients and thought the split tunnel was the culprit. I was under the assumption I could simply add the mac addresses of my remote users laptops and it would bind that piece of equipment preventing any user from basically masquerading as an that authenticated user or prevent them from logging in through multiple machines. The sophos tech this is not how it works, hence the reason it did not work Enabled. This feature is pretty much useless in my opinion if you cannot bind the actual piece of equipment connecting, as the other equipment through its hops, will inevitably take on that mac address, rendering any type of login. That feature is pretty discouraging.

  • 0 in reply to SophosNewby

    Straight from Sophos docs: Obviously its a feature that doesn't work for SSL-VPN users.


    MAC Binding
    Enable/disable
    MAC Binding
    . By binding the user to a MAC address, you are mapping the user
    with a group of MAC addresses.
    If enabled, specify MAC addresses for example 01:23:45:67:89:AB.
    Once you enable MAC binding, the user will only be able to login through
    pre-specified machines.
    Use a comma to seperate multiple MAC addresses. For example 01:23:45:67:89:AB,
    01:23:45:67:89:AC.