This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Filters/rules based on Backend membership ?

Well, the anwer's allready been received through Astaro support, but Im not giving up....yet......

Looking through webadmin, one can create packet-rules which Source IS a group based on backend-membership (like AD or Edir). But according to support, that's not going to work.

Since standard practice is to user DHCP for the clients, it's difficult to solve IF we need a rule saying "users/group=*** be able to do this/that" but not the other users. Only way to achieve this is with static IP's/Groups.

Shouldn't this be something for an enhancement request ?
Since backend-membership actually DO work for Surfprotection, the majority of work has allready been done.... And, it IS in fact possible to create the rule based on the exemple above allready today, though it's stated not to work.

This thread was automatically locked due to age.

Parents

0 BAlfson over 14 years ago

Yes, for routing and packet filter purposes, the Astaro only knows the IP of a user if the user is logged into WebAdmin or is connected via VPN.

Schoerch, the solution to your problem is to create different backend groups for Admins, Sales, etc. This will result in the auto-creation of network definitions like "Sales (User Group Network)" and these can be used in the way you want.

Cheers - Bob
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 BAlfson over 14 years ago

Yes, for routing and packet filter purposes, the Astaro only knows the IP of a user if the user is logged into WebAdmin or is connected via VPN.

Schoerch, the solution to your problem is to create different backend groups for Admins, Sales, etc. This will result in the auto-creation of network definitions like "Sales (User Group Network)" and these can be used in the way you want.

Cheers - Bob
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data