Deny IP Source to SSL VPN

So, I have an issue with users connecting to the SSL VPN, while they are in the office.

Is there anyway to block our office public IP addresses from connecting to the SSL VPN?  We have one main office running XG210, with remote locations running Red 15's.

We have them install/download the SSL Client and Configuration when in the office, so denying 443 doesn't really work for me.


I'm assuming that the users are originally working remotely (from home or MiFi) connected to the SSL VPN.  They then come into the office, and the VPN auto-reconnects.

While this isn't causing any problems, I would prefer that this not be possible.



  • Hello


    This can be achieved in two way by going to System > Administration > Device Access.


    1. Enable SSL VPN on WAN zone. This will allow the user to connect only when they are outside office.
    2. Else create Local Service ACL Exception Rule to allow or deny a specific IP/Network to access SSL VPN service.


    Regards, Ronak.