- CheckMates
- :
- Products
- :
- Quantum
- :
- Remote Access VPN
- :
- Remote Access VPN with limited acces before VPN tu...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Are you a member of CheckMates?
×- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Remote Access VPN with limited acces before VPN tunnel establishment
Hi All,
I need to implement an RA configuration that fulfill the followings:
Client: Win 10
After connecting to the local network (Wifi or cable) the public internet access must be diabled until the VPN tunnel establishment.
So the user can access his own local network but he will not be able to reach the internet. However after the successful VPN connection he can reach the internet (through full-Tunnel VPN)
All ideas are welcome.
BR
Akos
\m/_(>_<)_\m/
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Use Machine Authentication to connect to VPN before Windows logon and configure Route All Traffic thru GW - that should do it.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
But in that case when the endpoint does not have network connection at all?
And I forgot an another requirement: VPN login with MFA with RSA....
BR
Akos
\m/_(>_<)_\m/
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Then VPN will not be up, but Internet connection is impossible 😎 VPN login with MFA with RSA is not possible with Machine Authentication, so customer should choose if no internet or MFA with RSA is more important. You can also open a TAC ticket for more information or let CP Professional Services do the configuration.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Now I am searching for a solution in Harmony Endpoint. Maybe I can define profiles where one point can be if there is no VPN connection the internet access won't work.
Or this is wrong way?
A
\m/_(>_<)_\m/
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
No use, this is impossible - VPN will not connect without internet connection, so Machine Authentication is the solution here. And much better than MFA as the logon is done in the background. You could do MFA with RSA for Windows Logon instead...