Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
stich86
Employee
Employee

Location Awareness Clarifications

Hi all,

I need a clarify on how Location Awareness works with Endpoint Client.

Currently i've an HA Pair of CP that will only server for SSL\IPSec Endpoint (using alwasy-on and machine authentication), so the main goal is to avoid client connection when a laptop will be into our Office.

The first option, to check if a client is connecting to an internal interface, is not feasible because as i've said this cluster it's on our DC and cannot be reached to a private interface from the office, but just over a site-to-site VPN. Third option of DC also is not a good solution because we are passing all Active Directory stuff over VPN. So i've configured the second option, added our office and DC subnet to internals network (and also specified our Wifi SSID).

Because we are still in smart-working (and cannot have access to office), i've setup a new SSID at my home using one of the subnet of internals network specified on SG. Then i've disconnected manually the VPN client (using "trac disconnect"), then connect again but it looks like that the source subnet is not considered as internal but just as external.

Do I need to add also the public IP inside the internals network?

Thanks in advance

0 Kudos
3 Replies
PhoneBoy
Admin
Admin

Is that segment you set up at home also in the RemoteAccess encryption domain?

0 Kudos
stich86
Employee
Employee

Yes, 

One of the subnet is also into RemoteAccess because I need to reach some resources into my office (NAS, DC and other services)

0 Kudos
PhoneBoy
Admin
Admin

A TAC case may be needed here to clarify what's going on.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events