I am trying to restrict what VPN Connections have access to on our inside network. I have got it working for clients using the VPN Client software, using a mixture of Rules (source/destination addresses/port) and Filters (assign the approriate filter to the group the user is a member of.
This works and i can lock down where the clients connecting get go and also what ports/protocols can be used.
Is this the best way to acheive this ?
Anyhow, the problem i am having is if i take this approach for a WebVPN Client. I am locking down to HTTP/HTTPS/DNS/RDP In/Out and for some reason when i apply the Filter to the group, the SSLVPN Client will no longer download. Is this the correct way to do this ? Anyone know whats stopping the SSLVPN Client from downloading using this ?
I am write in that i don't need to add anything in the filter to all https traffic from the External Interface on the Concentrator ?
Thanks in advance