- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
Users are able access VPN through Guest Network without going through guest authentication
Users are able access VPN through Guest Network without going through guest authentication
09-30-2015 04:13 AM
Hello Guys,
Users connected to guest network aree able to establish VPN tunnels to outside world without going through Guest authentication. Does anyone know which ports do I have to block for Guest access?
Thanks
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Alert a Moderator
Re: Users are able access VPN through Guest Network without going through guest authentication
Re: Users are able access VPN through Guest Network without going through guest authentication
09-30-2015 04:21 AM
Thanks,
Tim
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Alert a Moderator
Re: Users are able access VPN through Guest Network without going through guest authentication
Re: Users are able access VPN through Guest Network without going through guest authentication
09-30-2015 04:22 AM
Please share the result of the following for the role the guest is in BEFORE authentication. If you are not sure of the role, check with "show user-table"
show rights <NameofRole>
Systems Engineer, Northeast USA
AMFX | ACCX | ACDX | ACMX
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Alert a Moderator
Re: Users are able access VPN through Guest Network without going through guest authentication
Re: Users are able access VPN through Guest Network without going through guest authentication
09-30-2015 04:41 AM
Hi Celmbo,
As reqyested, please find the details about the Guest-pre auth role attached.
Thanks
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Alert a Moderator
Re: Users are able access VPN through Guest Network without going through guest authentication
Re: Users are able access VPN through Guest Network without going through guest authentication
09-30-2015 05:36 AM
Hello Guys,
Any changes in the role which you recommend after looking at the Guest_Pre_auth role?
Thanks
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Alert a Moderator
Re: Users are able access VPN through Guest Network without going through guest authentication
Re: Users are able access VPN through Guest Network without going through guest authentication
09-30-2015 05:38 AM
Create a new guest logon role with just DNS, DHCP and captive-portal...
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Alert a Moderator
Re: Users are able access VPN through Guest Network without going through guest authentication
Re: Users are able access VPN through Guest Network without going through guest authentication
09-30-2015 05:38 AM
Try removing line 5 in the logon-control ACL (svc-natt). You should not need this in your default logon role. Or if you are more comfortable, make a new logon-control for your needs and leave the default ACL as is.
Systems Engineer, Northeast USA
AMFX | ACCX | ACDX | ACMX
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Alert a Moderator
Re: Users are able access VPN through Guest Network without going through guest authentication
Re: Users are able access VPN through Guest Network without going through guest authentication
09-30-2015 07:22 AM
Thank you guys, I have made the chage and have asked the users to test it. I will update you when I know more.
Again really appreciate your help!
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Alert a Moderator