Kash
Apr 28, 2020

Network Access - Block Virtual machine for VPN connection.

Hi Experts, I would like your advice on how to prevent F5 VPN access from a virtual machine. Because we enforced full tunnel, but it's still able to access internet websites using the physical machine... still considered as split tunnel overall.

Is there any way to prevent using a VM for VPN?

Thank you!

Kash

  • Hello Kash,

    You can use the Machine Info agent to gather information about the laptop that is trying to access the VPN. By using the Machine Info agent you can get information that is present only in the physical machine, like the HDD, and then allow access to the VPN. If you are able to have a list of the physical NIC MAC addresses of the personal laptops, you can filter the access by allowing only those that are in the list.

  • What exactly are you trying to solve here?

    While the virtual machine has no split tunnel then there won't be any communication with it locally. All traffic from the virtual machine will go in the tunnel.

  • Kash

    Thanks Boneyard!

    Here we need to deny VM-based machines, so that non-VM-based machines will go in the tunnel and there won't be any communication to the internet.

    • Why this focus on a difference between virtual and non-virtual machines?

      You say something about with a virtual machine it is split tunnel, but why would that be the case?

      The BIG-IP Edge Client doesn't behave differently on a virtual or non-virtual machine.

      • Kash

        For clear understanding,

        Objective is to allow VPN users to access intranet sites only. Full tunnel enabled at APM policy.

        Scenario: I installed VirtualBox with Windows 10 OS on my laptop. Connected VPN at the VM (full tunnel enabled). Able to access intranet sites only using the VM browser (expected result).

        But using my physical laptop browser (VM is running and connected to VPN) I am able to access internet websites, because it's not connected to VPN (expected result).

        In the above scenario it's like split tunnelling (VM has no access to internet websites, laptop has access to internet websites).

        So we need to block all VM-based machines on posture check, or are there any other possible ways?

        Note: VPN access is via browser, not F5 Edge Client, and no cert.

        Thank you!