Description: The customer has deployed the network connector and would like to filter the Groups to access certain resource services (e.g. SSH, FTP, HTTP, HTTPS, RDP, etc.).
Resolution: From your CloudConnexa Portal, go to Networks > Destination Services and create an IP Service, then apply It to the Access Groups in CloudConnexa.
For this example, a User from Group A only has access to Linux and Windows Server Resources via SSH, RDP, FTP, and HTTP and Group B only has access to an Internal Web Server via HTTP.
Step 1:
From your CloudConnexa Portal, go to Networks > select the created Networks > Destination Services > IP Services > Add the New IP Services of your resources.
Step 2:
Next, change the Topology from the default setting Full-Mesh to Custom to use the Access group.
From your CloudConnexa Portal, go to Settings > WPC > Edit > Topology > Custom > Update (see the screenshot below).
Step 3:
After changing the Topology, proceed to configure your Access groups which specify the access relationship between Sources (i.e. Who?) and Destinations (i.e. What?). From your CloudConnexa Portal, go to Access > Groups > Create Access Group > Fill in the 'Access Group Name' > Source: User Groups (ex. Group A) > Destination: select all IP Services created > Create (see the screenshot below).
Step 4:
Do the same process as Step 3 but for different Sources(User Groups: Group B) and Destinations. Select IP Services "Linux_WebServer". (see the screenshot below).
Note: The Default Full Mesh Access Group already exists.
Step 5:
You can delete the default Access group when more than one Access group exists, or after you've created your Access groups. (see screenshot below)
Step 6:
Test the Access Groups from the connected VPN user device.
For this example test the access from Group A & B to the IP Services via telnet, netcat or accessing the services via SSH, RDP, FTP, and HTTP from their machines and verify If you are able to access It.
Comments
0 comments
Please sign in to leave a comment.