Instead giving the entire LAN Subnet access to the client VPN user, create a address object for the particular Server and provide the VPN client access to that Server;
For example, Navigate to the Local users & groups-->Select the user-->Edit-->VPN access, add the created server address object.
To expand Ajishlal's input, keep your SSLVPN Client Settings \ Client Routes the same (include LAN subnet address object), but adjust the VPN Access settings per-user.
How I can restrict access to a service for example RDP ? I dont' see the ACL from SSL to LAN for example. I must define this ACL manually and put it over the generic ACL from SSL to LAN ?
VictorManzanares
Newbie ✭
Answers
@VictorManzanares
Instead giving the entire LAN Subnet access to the client VPN user, create a address object for the particular Server and provide the VPN client access to that Server;
For example, Navigate to the Local users & groups-->Select the user-->Edit-->VPN access, add the created server address object.
To expand Ajishlal's input, keep your SSLVPN Client Settings \ Client Routes the same (include LAN subnet address object), but adjust the VPN Access settings per-user.
How I can restrict access to a service for example RDP ? I dont' see the ACL from SSL to LAN for example. I must define this ACL manually and put it over the generic ACL from SSL to LAN ?
Hi VictorManzanares, if you want more control and granularity you would be best trialing an SMA 500v
yes. you have to define the policy if you need custom tailored.
SMA hardware can check for example the status of windows update on remote client ?