Using local user database in security rules.

Showing results for 
Show  only  | Search instead for 
Did you mean: 

Using local user database in security rules.

L2 Linker

Dear all,

Can a user defined in the local user database to be used on security policies?

What we need to deploy is that when a user authenticates via SSL VPN (using the local user database) to be able to apply security policies based on this specific username.


George Goundras


L6 Presenter

removing my last response as it was intended for a different thread.

The correct response for this thread is:

Yes you can use firewall in the manner you describe.

SSL VPN users in the local database on the firewall can be used for the "users" field in security policies.

I've run into issues with using local groups in PA rules.  Individual local users work fine, but when trying to use locally defined groups, I've run into problems.

I'll try to open a case with support to get it checked out.


I know about the issues of using local user groups in these security rules. I have tried to use them but with no success. Because I did not have a specific requirement for this, i did not go further, but I know that they may not work correctly.
Defining the users one-by-one will work, but I think that they need to be also placed to the "additional users" field one by one.


Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!