This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Seperate user group for remote access vpn

Hello,

How can I create seperate user group for remote access vpn. Like

We have some users who only can connect to RDP to office from home.

And some users can access to all after remote access.

Currently all users have the same profile . I need to seprate this.

could you explain the configuration about this these scenario.

Thanks

Tusher



This thread was automatically locked due to age.
Parents
  • Hi emmosophos, 

    Thanks you for your quick reply.

    I created 2 groups what you suggest. But I use the permitted network same for both group (Suppose permitted network LAN),  And in the firewall rule for

    "group-1">>>>

    src zone=vpn,

    src_network= Remote_vpn_range(10.81.34.5-55) ,

    Dst zone=Lan,

    Dst network=any, 

    service=3389(RDP)

    for "group2" >>>>.

    src zone=vpn,

    src_network= Remote_vpn_range(10.81.34.5-55) ,

    Dst zone=Lan,

    Dst network=any, 

    service=Any

    Now In my XG FW -->Configure-->VPN-->VPN SSL (remote access )  have 2 profile

    remote_access_vpn_1

    remote_access_vpn_2

    So if user under group1 who has only RDP can use only remote desktop, somehow any service it can use??

    Thanks

    Muhammad

  • Hello Muhammad,

    Thank you for the follow-up.

    You would need to set the "Match known users" in the Firewall rule for each user depending on the group or if you create separated groups, you would only set the Group on the "Match known users" for each Firewall rule. 

    Regards,


     
    Emmanuel (EmmoSophos)
    Technical Team Lead, Global Community Support
    Sophos Support VideosProduct Documentation  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.
  • Thank you so much

    Regards,

    Muhamamd

Reply Children
No Data