Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 3 replies
  • Subscribers 15 subscribers
  • Views 5274 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Same Resource, Multiple Rules

Perstin

Hello Folks

Is there any way to map multiple resources to the same destination, but with different ports?

I need e.g. TCP139/445 to a fileserver for the users, while the admin-team needs TCP/UDP3389 to it.

I obviously do not want to grant every user accessing this fileserver the possibility to RDP to the server (even if the account hat no logon-permissions over RDP).

Thank you for your assistance! 

Regards,

Manuel



This thread was automatically locked due to age.
Parents
  • +1

    Hi Manuel,

    You can achieve this by adding two different resources with different external FQDNs and pointing to the same internal FQDN/IP address. You can choose different user groups and ports in different resources. The ZTNA agent uses the external FQDNs to intercept traffic, and hence you can provide any FQDN; it need not be externally resolvable. We also have a backlog item in which we will start allowing the addition of multiple resources with the same external FQDNs but mapped to different policies. 

Reply
  • +1

    Hi Manuel,

    You can achieve this by adding two different resources with different external FQDNs and pointing to the same internal FQDN/IP address. You can choose different user groups and ports in different resources. The ZTNA agent uses the external FQDNs to intercept traffic, and hence you can provide any FQDN; it need not be externally resolvable. We also have a backlog item in which we will start allowing the addition of multiple resources with the same external FQDNs but mapped to different policies. 

Children
Unfiltered HTML