jolu_itsme
New Member
October 18, 2021
Question

VPN policy deny access to certain group


Hey all, I have set up a secondary VPN subnet and secondary VPN user group. The idea behind this is to give external persons access to some of our devices/addresses but not to the whole domain. In order to accomplish this, I have created the subnet and user group and then made a policy to enable routing to one of the addresses the users need access to. That part is working. However, those users also have the ability to connect to all the other devices. I created a rule to deny those as well, but that doesn't seem to help.

 

These have access to everything:

VPN_Users1 VPN_Subnet1

These only need access to specific addresses:

VPN_Users2 VPN_Subnet2

The rules:

VPN_Subnet2 -> DeviceAddress accept

internal -> VPN_Subnet2 deny all

 

Does anybody have an idea how I can fix this? 

    1 reply

    seshuganesh
    Staff
    May 24, 2022

    Hi Team,

     

    Can you explain the configuration in detail:

    Like which VPN you are using; please share a screenshot of the configuration.

    If it is SSL VPN, we need screenshots of the SSL VPN settings, the SSL VPN specific portal screenshot, and the firewall policy screenshot.

    Please share it with us.