How can I create seperate user group for remote access vpn. Like
We have some users who only can connect to RDP to office from home.
And some users can access to all after remote access.
Currently all users have the same profile . I need to seprate this.
could you explain the configuration about this these scenario.
Thank you for the follow-up.
You would need to set the "Match known users" in the Firewall rule for each user depending on the group or if you create separated groups, you would only set…
Thank you for contacting the Sophos Community!
You can create an additional SSL VPN profile, and then separate the users by groups, and have different permitted Networks for each group, then you can create specific firewall rules for each group.
SSLVPN_Group1 - Identity = user1 - Permited Networks - 10.10.10.0/24
SSLVPN_Group2 - Identity = user2 - Permitted Networks - 10.10.11.0/24
Thanks you for your quick reply.
I created 2 groups what you suggest. But I use the permitted network same for both group (Suppose permitted network LAN), And in the firewall rule for
src_network= Remote_vpn_range(10.81.34.5-55) ,
for "group2" >>>>.
Now In my XG FW -->Configure-->VPN-->VPN SSL (remote access ) have 2 profile
So if user under group1 who has only RDP can use only remote desktop, somehow any service it can use??
You would need to set the "Match known users" in the Firewall rule for each user depending on the group or if you create separated groups, you would only set the Group on the "Match known users" for each Firewall rule.
Thank you so much