Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
871
Views
0
Helpful
2
Replies

restrict non-domain computers

charles_ironport
Level 1
Level 1

‎05-13-2008 06:52 PM

Does anyone know if it is possible to restrict access based on domain membership or an AD Group?

The purpose is to restrict non-domain computers even if the client has a legitimate domain credential to use for authentication.

Labels:
0 Helpful
2 Replies 2

jason.spangler
Level 1
Level 1

‎05-14-2008 03:13 PM

I believe you could put these PCs into a different subnet and create a policy based on the subnet.

I think so anyway.

-
Jason

0 Helpful

jowolfer
Level 1
Level 1

‎05-14-2008 04:07 PM

That is correct. The only way to restrict these computers would be to make a rule (above your auth group policies), that states the specific IPs / subnets are granted certain / no access.

As long as the rule is above all your auth rules, it will trigger first and take precedence. Be sure to disable WBRS for this rule as well, since there is a potential for +6 sites to be allowed.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents