Forum Discussion

Cirrus

Sep 25, 2022

How to enforce Role based access controls to VPN users?

I know we can assign role based apps to HTTP(webtop) remote users. How can I do the similar access control for vpn users using a client? Do I have to assign different groups a different IP pool and e...

security

shashe

Cirrus

James_Jinwon_Lee Thanks for your response. What if I don't want to use webtop? Can I place those users in different subnets so I can apply Layer4 acls on APM?

Scot_JC

Employee

Nov 18, 2022

Hi,

Not 100% sure your environment and objectives, but we can always add some "Variable Assign" to the VPE, and with selecting "Confguration Variable", we can then choose Type: Network Access, Name: <NA_object_name>, and then "Property": we can override the original NA settings, especially if we already have some branching, in the VPE, per the group membership.

Otherwise ... I know we can create some ACLs as an empty sheel, and develop some iRule code to add the ACEs, depending what we need to aloow or deny.

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

How to enforce Role based access controls to VPN users?

Recent Discussions

Reporting Help Needed

Switch ssl profile based on weak cipher detection via IRULE

F5 looses the token for the first call

iRule - Url rewrite and header replace and pool selection not working

full-proxy HTTP2

Related Content

Advanced API Access Control with BIG-IP APM – Part III

Access Control Based on IP

Testing the security controls for a notional FDX Open Banking deployment

Access Control Based On Network or Host

Enforce Server Cipher proposal in preferred order

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS