Description: The customer has deployed the network connector and would like to filter the Groups to access certain resource services (e.g. SSH, FTP, HTTP, HTTPS, RDP, etc.).
Resolution: From your OpenVPN Cloud Administrator Portal, go to Networks > Destination Services and create an IP Service, then apply It to the Access Groups in OpenVPN Cloud.
For this example, a User from Group A only has access to Linux and Windows Server Resources via SSH, RDP, FTP, and HTTP and Group B only has access to an Internal Web Server via HTTP.
Step 1:
From your OpenVPN Cloud Administrator Portal, go to Networks > select the created Networks > Destination Services > IP Services > Add the New IP Services of your resources.
Step 2:
Next, change the Topology from the default setting Full-Mesh to Custom to use the Access group.
From your OpenVPN Cloud Administrator Portal, go to Settings > WPC > Edit > Topology > Custom > Update (see the screenshot below).
Step 3:
After changing the Topology, proceed to configure your Access groups which specifies the access relationship between Sources (i.e. Who?) and Destinations (i.e. What?). From your OpenVPN Cloud Administrator Portal, go to Access > Groups > Create Access Group > Fill in the 'Access Group Name' > Source: User Groups (ex. Group A) > Destination: select all IP Services created > Create (see the screenshot below).
Step 4:
Do the same process as Step 3 but for different Sources(User Groups: Group B) and Destinations. Select IP Services "Linux_WebServer". (see the screenshot below).
Note: The Default Full Mesh Access Group already exists.
Step 5:
You can delete the default Access group when more than one Access group exists, or after you've created your Access groups. (see screenshot below)
Step 6:
Test the Access Groups from the connected WPC users.
For this example test the access from Group A & B to the IP Services via telnet, netcat or accessing the services via SSH, RDP, FTP, and HTTP from their machines and verify If you are able to access It.
Comments
0 comments
Please sign in to leave a comment.