
Is there any way to make bi-directional NC policy?

lannerkr_
Not applicable


I need my sslvpn client to communicate bi-directionally with internal servers.

I found that I can allow all ports to the servers for bi-directional communication.

But I don't want the clients to be allowed all ports to the servers.

So, how can I restrict the clients to specific bi-directional communication with the servers?

zanyterp_
Respected Contributor

Re: Is there any way to make bi-directional NC policy?

This is not possible, as you found.

The ACL is for both inbound & outbound traffic; you would need to allow all ports on the SA & then filter outbound ports on the internal firewall. This will allow the client access to the required ports but block all others to the allowed destinations; it will also allow the inbound connections (which will use any port).

space-man_
Occasional Contributor

Re: Is there any way to make bi-directional NC policy?

You can do this. I looked into this a few years back so that a user could RDP into a Network Connected computer. You just have to specify in your Network Connect ACL the Network Connect DHCP Pool. Instead of allowing access to internal servers, you're allowing access to remotely connected computers. It makes sense!