On Windows AD NPS, I created two policy:
-VPN-Users (here is additional requirement, computer groups - "Domain Computers"
-VPN-Admins (here is no any additional requirements)
The goal is that users authenticated on VPN-Users group should connect to SSL VPN only from domain machines.
The problem is users from VPN-Admins can authenticate, users from VPN-Users cannot connect even when connecting from domain computers - so connection should be allowed.
Is any way to configure this?