This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Julian_Sanchez
Collaborator
‎2020-05-29 12:36 PM

Limit hours to join VPN Remote Access

Hi all,

We have an appliance that works Remote Access VPN, now the users connect just fine and it work perfect, but we want limit their access to the VPN , by time. Example: From 08:00 to 18:00 the user can connect to the VPN, before and after that period of time, the VPN must fail to connect.

I think I can use object time on the rule the VPN Remote Access, however, I dont know sure, firts if its allow, and second if this dont cause problems of performance. 

I review the options in gateway, and global propierties, and I havent see anything for configure the hour range limit for connect to vpn. 

Any advice?

Regards, 

 

Julian

0 Kudos
2 Replies
Maarten_Sjouw
Champion
Champion
‎2020-05-29 01:21 PM

You will not be able to allow or disallow a VPN to connect.
You can however prevent any NEW connections outside the timeframe from the Office Mode network. When you have multiple rules for the Office Mode network you can add a drop rule above them with a time object that disables the rule from 8-18 hours
Again keep in mind this will only stop new connections, all running connections will not be interrupted.
Regards, Maarten
0 Kudos
Hrvoje_Brlek
Collaborator
‎2020-12-08 12:03 AM

Hi,

I have the same question as above, we would just like to allow specific users to connect outside working hours (for example 22.00h - 06.00h). What would be the best approach. We are using Endpoint Security client with gateways running on R80.40 take 87.

  • Can I set a rule above all that drops a specific AD group (access role) and make it active from 22:00 till 06:00h? (If we clear all the VPN connections at the same time everyday (22:00h) users won't be able to connect afterwards?)
  • And then below allow the specific AD group (access role) to normally connect all the time?
  • Or can we do it with disabling AD accounts in Microsoft Active Directory, will this also work or will users stiil be able to connect?

Thanks!

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events