Static IP for SSL VPN

cancel
Showing results for 
Search instead for 
Did you mean: 

Static IP for SSL VPN

L4 Transporter

I got to thinking about this the today.

Is there anyway to assign a static IP address in the SSL VPN? I'd like to assign one to myself so I can remote in and check on the firewall when I needed to do so.

1 ACCEPTED SOLUTION

Accepted Solutions

L5 Sessionator

There is currently no way to break out a static IP from a pool and assign it to a specific user.  You'd have to create a separate SSL VPN with the static address.

View solution in original post

6 REPLIES 6

L5 Sessionator

There is currently no way to break out a static IP from a pool and assign it to a specific user.  You'd have to create a separate SSL VPN with the static address.

Is there a way to do this now?  Figure I would ask again since this post is almost a year old.

Thanks!

Why not use the fact that you are identified as a user when logging in to the VPN-Portal? If the tunnel-interface is in it's own zone you can create security rules based on source user rather than static IP's.

That might end up being the solution.  The only issue with that is currently all access controls of remote users is based on IP and not user, group, etc.

In my specific case, I only allow certain IP address to connect to the management port of the PAN device. I would need the static IP address to enter on the PAN config.

I understand what you are saying, and I agree it would be ideal if we could use static IPs.

I'm just saying that using "source users" could be a workaround in some cases. For instance allowing the SSLVPN network to manage the box, but then limiting which users actually can access to the management interface with a user based security policy. Just want share some ideas of doing things differently by taking advantage of knowing the source users.

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!