Different rules depending on SSLVPN user group ?
I'm trying to apply different NAT Rules to users users depending on if they are connected to SSLVPN or not and added to an user group (optionnal but would be useful).
Here is what I want to do :
#1 : If an SSLVPN user (origin = 10.10.xx.xx) added on group "my group" asked public IP 18.104.22.168 (80)
=> Redirect to private IP 22.214.171.124 (80)
#2 : If a public user (origin = any) / no group asked public IP 126.96.36.199 (80)
=> Redirect to private IP 188.8.131.52 (80)
What I did is 2 Access Rules :
#1 : From SSLVPN to DMZ - Source 10.10.xx.xx - Dest 184.108.40.206 (80) - Users Incl. "my group"
#2 : From WAN to DMZ - Source Any - Dest 220.127.116.11 (80)
And 2 NAT Policies :
#1 : Source 10.10.xx.xx - Original Dest 18.104.22.168 - Translated Dest 22.214.171.124
#2 : Source Any - Original Dest 126.96.36.199 - Translated Dest 188.8.131.52
#1 rule and NAT Policy have a lower priority number
But connected or not, everything goes through #2 rule and NAT Policy (0 packet on #1) ).
Does anyone know what I'm doing wrong ?