SA500 VPN Access - list support

Unanswered Question
May 3rd, 2010

I have a site that has a need for 3 different remote vpn user profiles

I have 1 user that needs access to the entire private subnet

1 user needs access to just 1 address

1 user needs access to 5 of the ip addresses.

Is this possible? What other SMB security product will give me what i want?


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
nmanglik Thu, 05/20/2010 - 13:39


On SA500 you can use SSL VPN Policies under VPN -> SSL VPN Server -> SSL VPN Policies.

1. For the user who need to access the entire private network, you can use full SSL VPN Tunnel.

2. For the user who needs to access only 1 IP address, you can use port forwarding. Under VPN -> SSL VPN Server -> SSL VPN Policies, select the user and hit 'Display' button. Add a SSL VPN Policy where allow the user to use only one IP address and deny the rest of your private network.

3. For the user who needs to access 5 IP address, you can again use port forwarding with the above step repeated for 5 addresses or you can use 'Resources'. Create a Resource and add objects to it (IP address you want to access). Then call this resource using SSL VPN Policies. You will need to deny rest of the private network incase you only need access to 5 IP addresses.



This Discussion