cancel
Showing results for 
Search instead for 
Did you mean: 

Who rated this post

Cyber Elite
Cyber Elite

@nfsfantasy,

You would already have the user-id information to go through and modify your security rulebase to accomplish what you are looking to do, and you would hopefully have your VPN users segmented into their own zone to make things easier. You simply need to go through and create the security rulebase entries dictating what users (or groups) should have access to what resources, and then deny anything that they should have access to. 

It sounds like whoever configured your GlobalProtect installation simply made a general allow-all rule for these users. That generally isn't what you would want to do. 

Who rated this post