This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Restrict SSL Remote Access

Hi,

I believe it is possible to restrict the access for different users over the SSL VPN connection so that certain users can only see certain subnets?

I have tried to configure this but regardless of what I do users seem to have access to all subnets.

I have enabled the User Portal with access from any IP for certain groups of AD users.

I ahve also enabled the SSL remote access. I have added a few groups of users and two network that are reachable in Local Networks but have unchecked the Automatic Firewall Rules checkbox.

To then give access I have created firewall rules that allow certain User Group Networks access to certain subnets.

Despite this when I connect as a test user who is a member of one of the relevant groups the user has access to all subnets when I test using RDP.

I hope my explanation of the issue makes some sense, does anybody have any ideas as to what I might be doing wrong?

Thanks
Richard

This thread was automatically locked due to age.

Parents

0 rrimmer over 13 years ago

Thanks Bob,
Sorry for the delay in re-posting. I have just got back to testing this.
It appears that the AD groups are being evaluated incorrectly. When I check the packet filter logs a rule for a group that this user is not a member of is allowing traffic through!
I have logged a support call with Astaro and will let you know the outcome.
Richard
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 rrimmer over 13 years ago

Thanks Bob,
Sorry for the delay in re-posting. I have just got back to testing this.
It appears that the AD groups are being evaluated incorrectly. When I check the packet filter logs a rule for a group that this user is not a member of is allowing traffic through!
I have logged a support call with Astaro and will let you know the outcome.
Richard
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data