Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

XG Firewall, is it possible to restrict User Portal Access from WAN

We are using AD for authentication but access to the user portal should be restricted from outside.

Is it true that user access to the XG user portal web page cannot be restricted? Even not from the WAN side?

How is it protected then against brute force attacks to get passwords?

TIA,

Fred

 



This thread was automatically locked due to age.
Parents Reply Children
  • While you aren't able to lock it down to define it per AD group, because the portal would already be exposed and the user authentication attempts passed onto AD to verify the group; you are however able to lock it down to source IP/network (country) which is what I did.

    Under the device access, create a local ACL service and have the source zone as WAN, and select the source network as your country then select the user portal as the service and accept. Then you can remove the tick box for the User Portal on the WAN zone. At least you can secure it by country, which is better than nothing.

    Regards