Hi, i have set up a IPSec VPN so that users can VPN into the XG and access the internet and some internal resources.
I would like to only allow certain users to be able to see one of my servers, is this possible?
Hi Downsideup : Yes with the help of firewall rule it is possible. You may set up 1 rule to allow traffic which covers that user and that server IP and create another rule exactly below in position to this allow rule to drop rest of the user traffic from VPN to that server IP with rule action drop.
Reference snapshot from local XG for rule configuration.
Allowed Rule for test user to have access of DMZ server:
Drop rule for other users from VPN to DMZ for same DMZ server.
Rule view from "Firewall rules" page:
Please change zone, user and IP in above settings as per your requirement.
Regards,
Vishal Ranpariya
Technical Account Manager | Sophos Technical Support
Sophos Support Videos | Knowledge Base | @SophosSupport | Sign up for SMS Alerts |
If a post solves your question use the 'This helped me' link.
Hi Downsideup : Yes with the help of firewall rule it is possible. You may set up 1 rule to allow traffic which covers that user and that server IP and create another rule exactly below in position to this allow rule to drop rest of the user traffic from VPN to that server IP with rule action drop.
Reference snapshot from local XG for rule configuration.
Allowed Rule for test user to have access of DMZ server:
Drop rule for other users from VPN to DMZ for same DMZ server.
Rule view from "Firewall rules" page:
Please change zone, user and IP in above settings as per your requirement.
Regards,
Vishal Ranpariya
Technical Account Manager | Sophos Technical Support
Sophos Support Videos | Knowledge Base | @SophosSupport | Sign up for SMS Alerts |
If a post solves your question use the 'This helped me' link.
