Re: Mobile Access Role for Local users

libin · ‎2020-01-13

Hi all,

Regarding Unified Policy for Mobile Access, if I create access role with the local users. why should I integrate identity awareness in the gateway for the access role to work since here I am calling only the local users.

Is it mandatory that the gateway should always connect to the AD for the access role which has local users or only for the first time identity awareness is required?

PhoneBoy · ‎2020-01-17

The gateway queries Active Directory periodically to ensure users are associated with the correct groups.
I assume if the Access Role only contains locally defined users, it won't need to do this ever.

libin · ‎2020-01-18

ok, but for Access role to push in the policy, identity awareness is required so what will be in case if I have to call only the local users?

Here I have enabled the identity awareness blade and chose the terminal server option where we can skip the AD integration after that I can able to push the policy.

Access role with the local user is not matching the rule after the user is authenticated, the traffic is not matching the access role rule and it is getting dropped on the clean rule.

What will be the issue here or am I missing any configuration. when I used the legacy policy all these wer working fine.

PhoneBoy · ‎2020-01-20

Have you enabled Remote Access users as part of Identity Awareness?

Are you a member of CheckMates?

Mobile Access Role for Local users