How USER's groups works ?

torrgovin · ‎09-26-2023

Hi,

I have an user which don't have access to our server when she is on VPN.

Once I add the user to VPN-SSL-ADMIN-GRP, she get access to all the server.

Groupe SSL ADMIN GRP.PNG

So I went to User's group to manage the server, but once I am in, there is no server on it, it is empty.

Forti group.PNG

So how is it managed ? I want to create a group to allow access to only a few server, not everything.

Thank you for your help and sorry for by bad french.

saneeshpv_FTNT · ‎09-26-2023

Hi @torrgovin ,

The user group created under User & Authentication tab, has to be called under "VPN -> SSL-VPN settings" and associate the respective VPN portal for each user group as show in attached screenshot.

In the SSL-VPN portal you can define the server which user should have access to once the VPN is connected along with other client side settings. This is configured using Predefined bookmark or even you can simply access them using Quick launch. Your Firewall policy with the User-group will decide whether user should be allowed to access the resource or not.

The section you have highlighted in yellow in your question above, is to call a remote user group and map them to a Local Firewall user group and then you can use them under VPN/Firewall policies.

Best Regards,

hbac · ‎09-26-2023

Hi @torrgovin,

To restrict the user from accessing the servers, you need to check the firewall policies. You can create a new group for that user and create a new firewall policy accordingly.

Regards,

How USER's groups works ?

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website