AnsweredAssumed Answered

Remote Access Communities

Question asked by cezar varlan on Dec 19, 2018
Latest reply on Dec 21, 2018 by Dameon Welch-Abernathy



I am trying to configure a more complicated VPN setup for Remote Access but it doesn't look like it works the way i was expecting. There is only one Remote Access Community. In the manual we have the line: 

"You can also create a new Remote Access VPN Community with a different name."  but there is no instruction on how to do so. If i add new community i have only Star or Mesh options and they look like they are a bit different than the built in Remote Access. 


1. First of all can i have more than one Remote Access Community per Gateway? I can edit VPN Domain per Remote Access but i can't really get how you can create a second Remote Access Community.


2. I know that there is one Office Mode Pool by default per gateway. If i need to allocate two different ip subnets to users connecting to the gateway based on Group/Username can i do it in any other way than stated in  sk33422 (Office Mode IP and ipassignment.conf file)? This one 


3. For non-global split-tunnel we have this sk114882 where you can control tunneling mode based on group membership.


Does anyone have a similar setup where let's say?:

Internal VPN Users can access Full-Tunnel and all internal subnets 

External VPN Users can access Split-Tunnel and some pre-defined internet destinations with VPN GW NAT

All of this on only one Security Gateway



Thank you,