This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Verify SSL VPN user profile

Situation:

We have different SSL VPN profiles. One for our regular users, one for our system administrators. The system administrator profile has obviously more permissions than the regular users. However, system admins are not be able to connect to the management vlan for example. When I take a look into the firewall logs the packets are dropped by the default drop so no rule matches. Of course I have automatic firewall rules checked at the profiles.

Is there a way to verify that the user is connected to the right VPN profile? From this point this is most likely the error code.

This thread was automatically locked due to age.

Parents

0 vwijhe over 9 years ago

It appears that Sophos does not know that I am a member of the admin group. So the wrong VPN profile is connected. I've added myself as user directly to the VPN profile and from now I am be able to connect the management vlan.

The permissions are given via Active Directory group called VPN_ADMIN_USERS:
Group type: Backend membership
Backend: Active Directory
Limit to backend group is checked.
LDAP string is correct for sure (mapped via GUI-->Users & Groups-->Groups-->Browse)
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 vwijhe over 9 years ago

It appears that Sophos does not know that I am a member of the admin group. So the wrong VPN profile is connected. I've added myself as user directly to the VPN profile and from now I am be able to connect the management vlan.

The permissions are given via Active Directory group called VPN_ADMIN_USERS:
Group type: Backend membership
Backend: Active Directory
Limit to backend group is checked.
LDAP string is correct for sure (mapped via GUI-->Users & Groups-->Groups-->Browse)
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data