topic Re: Differentiation of users by authentication methods. in SASE and Remote Access

Differentiation of users by authentication methods.

Sergey_Anikeev — Mon, 01 Mar 2021 06:14:51 GMT

Hi colleags, please help me find a solution.
At the moment, we have many VPN users who connect through the VPN client using their credentials.
We want to gradually change the schema to certificate+username/password.
Unfortunately, I have not found a solution to how to do it gradually.

For example, for one group of users in AD (as example "VPN_Credentials"), the username/password method works, and for another (as example "VPN_Certificate"), certificate+username/password.
Thus, we could painlessly transfer users to a more secure authentication scheme.
In this case, it is necessary that a specific authentication method be available to users only from for a specific group.

Those. for users in a group "VPN_Credentials" - only username/password method.
For users in a group"VPN_Certificate" - only certificate+username/password method.

Re: Differentiation of users by authentication methods.

PhoneBoy — Mon, 01 Mar 2021 07:23:35 GMT

@Royi_Priov this is still an RFE, right?

Re: Differentiation of users by authentication methods.

Luca_Filippi1 — Thu, 28 Oct 2021 09:50:49 GMT

Hello,

are there any updates about this?

Luca

Re: Differentiation of users by authentication methods.

jruizvelarde — Tue, 09 Aug 2022 10:37:49 GMT

I find myself with the same issue. I'd like to shift gradually from a authentication scheme to another with 2FA, but I don't find a way to do this.

I would really appreciate any comments.

Regards