Different rules depending on SSLVPN user group ?
I'm trying to apply different NAT Rules to users users depending on if they are connected to SSLVPN or not and added to an user group (optionnal but would be useful).
Here is what I want to do :
#1 : If an SSLVPN user (origin = 10.10.xx.xx) added on group "my group" asked public IP 22.214.171.124 (80)
=> Redirect to private IP 126.96.36.199 (80)
#2 : If a public user (origin = any) / no group asked public IP 188.8.131.52 (80)
=> Redirect to private IP 184.108.40.206 (80)
What I did is 2 Access Rules :
#1 : From SSLVPN to DMZ - Source 10.10.xx.xx - Dest 220.127.116.11 (80) - Users Incl. "my group"
#2 : From WAN to DMZ - Source Any - Dest 18.104.22.168 (80)
And 2 NAT Policies :
#1 : Source 10.10.xx.xx - Original Dest 22.214.171.124 - Translated Dest 126.96.36.199
#2 : Source Any - Original Dest 188.8.131.52 - Translated Dest 184.108.40.206
#1 rule and NAT Policy have a lower priority number
But connected or not, everything goes through #2 rule and NAT Policy (0 packet on #1) ).
Does anyone know what I'm doing wrong ?