Re: VPN Tunneling, Access Control

fpsysman · ‎03-02-2017

Hello,

for the vpn tunneling with the Pulse Secure Desktop Client I use the feature Access Control in the Resource Policies to restrict the destination ip address access (e. g. allow 192.168.100.102:* ). Now I have some questions.
Should I configure an explicit deny rule at the end of the list which there is applied to the Resource Policy?
Where can I find in the logging about permited or denied packets with source and destination ip addresses , ports ...?
Should I configure several General Rules or one Detailed Rule with multiple grouped rule entries to bind these on a resource policy?

Many thanks for hints.

zanyterp · ‎03-02-2017

Should I configure an explicit deny rule at the end of the list which there is applied to the Resource Policy?
>>>If you would like to, you can; however, there is an implicit deny for anything not in the allowed ACL

Where can I find in the logging about permitted or denied packets with source and destination ip addresses , ports ...?
>>>Do you mean to ask if you can see what users are connecting to over the VPN? If yes, this is not an item that is recorded in the logs.

Should I configure several General Rules or one Detailed Rule with multiple grouped rule entries to bind these on a resource policy?
>>>Up to your policy/management style for configuration

fpsysman · ‎03-04-2017

Thanks for your answers.

zanyterp · ‎03-04-2017

You are welcome; hope that helps