How to use a different Site to Site VPN for a specific user?

I want to set up a Site to Site VPN between 2 UTMs for a 4g connection, but I only want one user to be able to use this connection because it's 4g and has limits.

What's the best way to do this?

Thanks

JK



This thread was automatically locked due to age.
  • Hi John,

    you can set up S2S-VPN via IPSec or SSL and then create a firewall rule for the needed user or its client IP. Should several users be allowed, you can set up a few rules and allow them only for a fixed time, like

    Meyer -> Any -> 4g end network from 5..6 o'clock
    Schmidt -> Any -> 4g end network from 6..7 o'clock

    and so on.

    Another way could be using remote access, like SSL VPN, to the end gateway and not allowing multiple connections for users. You need rules on the other side too.

    Just my ideas to your question.
    --
    Regards, Steffen
  • Ok, thanks for that, I'll keep that in mind. I was thinking more along the lines of having to set up policy based routes.

    It's just I have an existing S2S SSL VPN from the UTMs in question over ADSL & CABLE Fibre; the 4g connection will be an additional connection at one site that I am thinking of creating another S2S VPN from that to the user's UTM. I will have to use a new subnet for the 4g int and then create the VPN. But then what I am unsure about is how to keep normal traffic using the old VPN and then allow a single user to make use of the 4g VPN without having normal traffic using the faster VPN?

    I'm assuming that policy based routes would be the way to go for getting the routing part right?

    But from your reply I think I will also create FW rules similar to what you mentioned to be sure that the user is the only one that can use it.

    Thanks

    JK


    CompKickers
