I am trying to configure a more complicated VPN setup for Remote Access but it doesn't look like it works the way i was expecting. There is only one Remote Access Community. In the manual we have the line:
"You can also create a new Remote Access VPN Community with a different name." but there is no instruction on how to do so. If i add new community i have only Star or Mesh options and they look like they are a bit different than the built in Remote Access.
1. First of all can i have more than one Remote Access Community per Gateway? I can edit VPN Domain per Remote Access but i can't really get how you can create a second Remote Access Community.
2. I know that there is one Office Mode Pool by default per gateway. If i need to allocate two different ip subnets to users connecting to the gateway based on Group/Username can i do it in any other way than stated in sk33422 (Office Mode IP and ipassignment.conf file)? This one
3. For non-global split-tunnel we have this sk114882 where you can control tunneling mode based on group membership.
Does anyone have a similar setup where let's say?:
Internal VPN Users can access Full-Tunnel and all internal subnets
External VPN Users can access Split-Tunnel and some pre-defined internet destinations with VPN GW NAT
All of this on only one Security Gateway