Creating per-user filters for vendors/contractors/support.

ChrisSherry_
Not applicable

All,

I am trying to develop a solution on the SA that restricts network access based on the username.  So all the users (separate from corporate users) would belong to a role, and then each user would have a specific filter applied (restricting access to a defined list of IP addresses).  I would rather not have to build roles/resources for each username.  There has got to be some way to pull the IP list from AD/LDAP and apply that to a generic resource policy.  I have seen some indication of this using custom expressions, but nothing with any kind of detail.  If I could pull the list from RADIUS as a VSA, that would work too.  For reference, I currently do this via a Cisco VPN and downloadable ACLs in Cisco ACS.

Thanks in advance....

Chris.

ruc_
Regular Contributor

Re: Creating per-user filters for vendors/contractors/support.

The first part is straightforward: use an LDAP auth server and then create a role mapping rule based on group membership.

For the second part you could use the split tunneling feature; the split tunnel config can be dynamically built using a user attribute value from a RADIUS server (LDAP may work as well).

https://www.juniper.net/techpubs/en_US/sa8.0/topics/task/configuration/secure-access-nc-split-tunnel...
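As an added illustration (not configuration from the thread above or from the Juniper documentation it links), the following Python models the approach the reply describes: a role is chosen by group membership, and a per-user list of permitted networks is read from a directory attribute and folded into a generic, role-level policy instead of a resource policy per username. The directory entries, the group DNs, the attribute name allowedNetworks, and the role defaults are all constructed assumptions for the example. The detail worth copying is the fail-closed handling: a malformed attribute value is dropped rather than widening access, and a user with no mapped group gets no policy at all.

```python
import ipaddress
from dataclasses import dataclass, field

# Constructed sample directory data (assumption: the auth server returns a
# group list and a multi-valued "allowedNetworks" attribute per user).
DIRECTORY = {
    "vendor1": {
        "memberOf": ["CN=VPN-Vendors,OU=Groups,DC=example,DC=com"],
        "allowedNetworks": ["10.10.5.0/24", "192.0.2.15/32"],
    },
    "contractor2": {
        "memberOf": ["CN=VPN-Vendors,OU=Groups,DC=example,DC=com"],
        "allowedNetworks": ["10.20.0.0/16", "not-a-network"],  # one bad value
    },
    "alice": {
        "memberOf": ["CN=VPN-Corporate,OU=Groups,DC=example,DC=com"],
        "allowedNetworks": [],
    },
}

# Role mapping rules (group DN -> role): the "first part" of the reply.
ROLE_MAP = {
    "CN=VPN-Vendors,OU=Groups,DC=example,DC=com": "Vendor",
    "CN=VPN-Corporate,OU=Groups,DC=example,DC=com": "Corporate",
}

# Generic, role-level defaults (assumed): corporate users keep full access,
# vendors get nothing beyond what their own attribute grants.
ROLE_DEFAULTS = {
    "Corporate": ["0.0.0.0/0"],
    "Vendor": [],
}


@dataclass
class Policy:
    role: str
    networks: list = field(default_factory=list)   # ip_network objects
    rejected: list = field(default_factory=list)   # attribute values that failed to parse


def map_role(entry):
    """Return the first role whose group the user belongs to, else None."""
    for dn in entry.get("memberOf", []):
        if dn in ROLE_MAP:
            return ROLE_MAP[dn]
    return None


def _parse_networks(values, policy):
    """Parse CIDR strings; malformed entries are recorded and skipped (fail closed)."""
    for value in values:
        try:
            policy.networks.append(ipaddress.ip_network(value, strict=True))
        except ValueError:
            policy.rejected.append(value)


def build_policy(username):
    """Build the effective per-user policy: role defaults plus the user's attribute."""
    entry = DIRECTORY.get(username)
    if entry is None:
        return None
    role = map_role(entry)
    if role is None:
        return None  # no mapped group means no access at all
    policy = Policy(role=role)
    _parse_networks(ROLE_DEFAULTS.get(role, []), policy)
    _parse_networks(entry.get("allowedNetworks", []), policy)
    return policy


def is_allowed(policy, dest):
    """Deny unless the destination falls inside one of the policy's networks."""
    if policy is None:
        return False
    addr = ipaddress.ip_address(dest)
    return any(addr in net for net in policy.networks)


def render_split_tunnel(policy):
    """The CIDR list that would be handed to the client, sorted for stable output."""
    if policy is None:
        return []
    return [str(n) for n in sorted(policy.networks, key=lambda n: (n.version, n))]


if __name__ == "__main__":
    for user in ("vendor1", "contractor2", "alice", "nobody"):
        pol = build_policy(user)
        print(user, pol.role if pol else None, render_split_tunnel(pol),
              "rejected:", pol.rejected if pol else None)
```

The same shape applies whether the list arrives as an LDAP attribute or a RADIUS attribute: the policy engine only ever sees a validated list of networks, and anything it cannot parse is logged (here, collected in rejected) instead of being silently turned into a broader match.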