Hello Guys,
Users connected to guest network aree able to establish VPN tunnels to outside world without going through Guest authentication. Does anyone know which ports do I have to block for Guest access?
Thanks
Please share the result of the following for the role the guest is in BEFORE authentication. If you are not sure of the role, check with "show user-table"
show rights <NameofRole>
Hi Celmbo,
As reqyested, please find the details about the Guest-pre auth role attached.
Attachment(s)
Any changes in the role which you recommend after looking at the Guest_Pre_auth role?
Create a new guest logon role with just DNS, DHCP and captive-portal...
Try removing line 5 in the logon-control ACL (svc-natt). You should not need this in your default logon role. Or if you are more comfortable, make a new logon-control for your needs and leave the default ACL as is.
Thank you guys, I have made the chage and have asked the users to test it. I will update you when I know more.
Again really appreciate your help!
© Copyright 2024 Hewlett Packard Enterprise Development LPAll Rights Reserved.