Skip to main content

OpenVPN Support Center

Welcome to the new and improved OpenVPN Support Center.

Search the Support Center

OpenVPN Cloud: Using Access Group to Filter User Group to Access Certain Services of the Resources

  • Updated

Description: The customer has deployed the network connector and would like to filter the Groups to access certain resource services (e.g. SSH, FTP, HTTP, HTTPS, RDP, etc.). 

Resolution: From your OpenVPN Cloud Administrator Portal, go to Networks > Destination Services and create an IP Service, then apply It to the Access Groups in OpenVPN Cloud.

For this example, a User from Group A only has access to Linux and Windows Server Resources via SSH, RDP, FTP, and HTTP and Group B only has access to an Internal Web Server via HTTP.

Step 1:

From your OpenVPN Cloud Administrator Portal, go to Networks > select the created Networks >  Destination Services > IP Services > Add the New IP Services of your resources.
mceclip1.png

mceclip2.png

 

Step 2:

Next, change the Topology from the default setting Full-Mesh to Custom to use the Access group.
From your OpenVPN Cloud Administrator Portal, go to Settings > WPC > Edit > Topology > Custom > Update (see the screenshot below).mceclip2.png

Step 3:

After changing the Topology, proceed to configure your Access groups which specifies the access relationship between Sources (i.e. Who?) and Destinations (i.e. What?). From your OpenVPN Cloud Administrator Portal, go to Access > Groups > Create Access Group > Fill in the 'Access Group Name' > Source: User Groups (ex. Group A) > Destination: select all IP Services created > Create (see the screenshot below).

mceclip3.png

Step 4

Do the same process as Step 3 but for different Sources(User Groups: Group B) and Destinations. Select IP Services "Linux_WebServer". (see the screenshot below).
mceclip4.png

Note:  The Default Full Mesh Access Group already exists.

Step 5:

You can delete the default Access group when more than one Access group exists, or after you've created your Access groups. (see screenshot below)
mceclip5.png

Step 6:

Test the Access Groups from the connected WPC users.

For this example test the access from Group A & B to the IP Services via telnet, netcat or accessing the services via SSH, RDP, FTP, and HTTP from their machines and verify If you are able to access It.

 

Comments

0 comments

Please sign in to leave a comment.