cancel
Showing results for 
Search instead for 
Did you mean: 

Modification of url next to be logged in

Occasional Contributor

Modification of url next to be logged in

Hello,

first i'm sorry for my English. It isn't perfect.

I have a question about an appliance SA 2500 in version 7.0r6.

When i'm logged in the appliance, i have differents bookmarks.

For example, i have a bookmark to join my Outlook Web Access. When i got to, i have in my adress bar this :

https://vpnssl.mycompany.com/exchange/,DanaInfo=relay.mydomain.local+.

It's normal.

But, when i change this url, and put for example :

https://vpnssl.mycompagny.com/,DanaInfo=myvcenter.mydomain.local,SSL+

I can access some content that are not published on the VPN.

So i can see a lot of forbbiden contents.

Anyone can explain me how to secure this part ? I think it's in the ressources policies but I don't understand how to.

In advance great thanks.

Nicolas

1 REPLY 1
Frequent Contributor

Re: Modification of url next to be logged in



Have a look at Users > Resource Policies > Web ACL and filter the display by the Role you are interested in using the 'Show policies that apply to' drop-down.

You should see a list of policies, do you have the Initial Open Policy in the list?  This allows access to all internal web resources, either delete it or modify it so it does not apply to the role(s) you wish to restrict access for.

Then you can look at tightening up any other Web ACLs that apply for the role so they are more restrictive for the Resources, so you might have a resource policy of ALLOW http://internal.mycompany.net/* which allows access to all content under the domain, so if you only want to allow access to specific URLs/directories you can explicitly list them.