Different rules depending on SSLVPN user group ?
I'm trying to apply different NAT Rules to users users depending on if they are connected to SSLVPN or not and added to an user group (optionnal but would be useful).
Here is what I want to do :
#1 : If an SSLVPN user (origin = 10.10.xx.xx) added on group "my group" asked public IP 184.108.40.206 (80)
=> Redirect to private IP 220.127.116.11 (80)
#2 : If a public user (origin = any) / no group asked public IP 18.104.22.168 (80)
=> Redirect to private IP 22.214.171.124 (80)
What I did is 2 Access Rules :
#1 : From SSLVPN to DMZ - Source 10.10.xx.xx - Dest 126.96.36.199 (80) - Users Incl. "my group"
#2 : From WAN to DMZ - Source Any - Dest 188.8.131.52 (80)
And 2 NAT Policies :
#1 : Source 10.10.xx.xx - Original Dest 184.108.40.206 - Translated Dest 220.127.116.11
#2 : Source Any - Original Dest 18.104.22.168 - Translated Dest 22.214.171.124
#1 rule and NAT Policy have a lower priority number
But connected or not, everything goes through #2 rule and NAT Policy (0 packet on #1) ).
Does anyone know what I'm doing wrong ?