Specialist

Defining access per user

Hi there,

In the Mobile Access portal policy you can add a single user and not necessarily use an LDAP group, and it works just fine.


I tried to achieve the same for remote access for VPN users and I couldn't find a way to do this. I could add only LDAP group, but not single user. Is there a way to do this?

 

0 Kudos
4 Replies
Leader

If you want to allow only a single user you have to use access-roles as source in your policy. 

Create a role for every user you need and add only the user in the access-role. These users can't be internal users; they can be added only if they are defined in a directory referenced by an account unit.

Wolfgang

0 Kudos
Specialist

This means I need to enable the Identity Awareness blade on the gateway to use access roles. The gateway that has Mobile Access does not have Identity Awareness enabled. Thanks for the suggestion, I'll give it a try.

0 Kudos
Legacy User Access should not be used anymore and Identity Awareness is anyway the recommended way for creating Remote Access rules.
As soon as you want to move to a unified policy, the Legacy User Access objects aren't working/supported and you will not be able to install policy anyway.
0 Kudos
Specialist

Noted, thanks!

0 Kudos