Different rules depending on SSLVPN user group ?
I'm trying to apply different NAT Rules to users users depending on if they are connected to SSLVPN or not and added to an user group (optionnal but would be useful).
Here is what I want to do :
#1 : If an SSLVPN user (origin = 10.10.xx.xx) added on group "my group" asked public IP 220.127.116.11 (80)
=> Redirect to private IP 18.104.22.168 (80)
#2 : If a public user (origin = any) / no group asked public IP 22.214.171.124 (80)
=> Redirect to private IP 126.96.36.199 (80)
What I did is 2 Access Rules :
#1 : From SSLVPN to DMZ - Source 10.10.xx.xx - Dest 188.8.131.52 (80) - Users Incl. "my group"
#2 : From WAN to DMZ - Source Any - Dest 184.108.40.206 (80)
And 2 NAT Policies :
#1 : Source 10.10.xx.xx - Original Dest 220.127.116.11 - Translated Dest 18.104.22.168
#2 : Source Any - Original Dest 22.214.171.124 - Translated Dest 126.96.36.199
#1 rule and NAT Policy have a lower priority number
But connected or not, everything goes through #2 rule and NAT Policy (0 packet on #1) ).
Does anyone know what I'm doing wrong ?