Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
torrgovin
New Contributor II

How USER's groups works ?

Hi,

 

I have an user which don't have access to our server when she is on VPN.

 

Once I add the user to VPN-SSL-ADMIN-GRP, she get access to all the server.

Groupe SSL ADMIN GRP.PNG

 

So I went to User's group to manage the server, but once I am in, there is no server on it, it is empty.

Forti group.PNG

So how is it managed ? I want to create a group to allow access to only a few server, not everything.

 

Thank you for your help and sorry for by bad french.

 

 

2 REPLIES 2
saneeshpv_FTNT

Hi @torrgovin ,

 

The user group created under User & Authentication tab, has to be called under "VPN -> SSL-VPN settings" and associate the respective VPN portal for each user group as show in attached screenshot.

 

In the SSL-VPN portal you can define the server which user should have access to once the VPN is connected along with other client side settings. This is configured using Predefined bookmark or even you can simply access them using Quick launch. Your Firewall policy with the User-group will decide whether user should be allowed to access the resource or not. 

 

The section you have highlighted in yellow in your question above, is to call a remote user group and map them to a Local Firewall user group and then you can use them under VPN/Firewall policies.

 

Best Regards,

 

 

hbac
Staff
Staff

Hi @torrgovin,

 

To restrict the user from accessing the servers, you need to check the firewall policies. You can create a new group for that user and create a new firewall policy accordingly. 

 

Regards, 

Top Kudoed Authors