- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
So i've made a VPN for mobile pc client...
PSK and Xauth enable...
create local user on the netvanta 3448.
configure the client with the PSK...
Everything works Number 1..... well it works to much
All the local user have access to the web, ssh or any other interface to... This AINT good
How can i restrict user to the VPN connection only and thing else...
Can't create a new user list ... unless it`s hidden somewhere or any other similar stuff...
VPN is a wonderfull thing but when youre user can change information in the web interface THIs AINT GOOD....
Thanks !
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Not the Solution
- Report Inappropriate Content
After speaking with an adtran rep... Radius server is the only way possible or me to do it right....
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Accept as Solution
- Report Inappropriate Content
Re: VPN vs Local User MAJOR issue ...
Are using the GUI or command line?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Accept as Solution
- Report Inappropriate Content
Re: VPN vs Local User MAJOR issue ...
Both aint a problem !
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Accept as Solution
- Report Inappropriate Content
Re: VPN vs Local User MAJOR issue ...
System -> Passwords -> Portal-List (Tab)
Create a new portal list with everything checked.
Back under users apply the list to your login but not the VPN user.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Accept as Solution
- Report Inappropriate Content
Re: VPN vs Local User MAJOR issue ...
What I did earlier today :
- Create an admin portal list:
- Added the user in that portal list that needed to be.
- All other user are in <none>
- All those user can log into the https or ssh interface without any problem.
So guessing what you have wrote is what i did;.... unless i'm wrong...
Thanks for helping... let`s sole this out !
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Accept as Solution
- Report Inappropriate Content
Re: VPN vs Local User MAJOR issue ...
Try creating a new portal-list that only has console enabled and apply it to the VPN users.
Under the "Enable" tab make sure a password is set.
The user will be able to login but without the enable password they wont be able to change anything.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Accept as Solution
- Report Inappropriate Content
Re: VPN vs Local User MAJOR issue ...
I've added a new portal-list named: VPNAccess with Console access checked only.
User X as VPNAccess as his portal.
The user X can`t connect with VPN (bridge dosen`t link itself) but the user X can`t connect to SSL anymore wich is the good thing !
pre-shared key configured
bringing up tunnel ...
user authentication error
tunnel disabled
detached from key daemon
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Accept as Solution
- Report Inappropriate Content
Re: VPN vs Local User MAJOR issue ...
I recall I had a similar problem awhile back.
Once a portal-list is attached to a user it won’t authenticate.
At the time we used the Radius option (FreeRADIUS).
I’m not sure if there is another way but perhaps someone from Adtran can chime in.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Accept as Solution
- Report Inappropriate Content
Re: VPN vs Local User MAJOR issue ...
Any 1 else have a suggestion ???
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Not the Solution
- Report Inappropriate Content
After speaking with an adtran rep... Radius server is the only way possible or me to do it right....
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Accept as Solution
- Report Inappropriate Content
Re: VPN vs Local User MAJOR issue ...
I went ahead and flagged the "Correct Answer" on this post to make it more visible and help other members of the community find solutions more easily. If you don't feel like the answer I marked was correct, feel free to come back to this post and unmark it and select another in its place with the applicable buttons. If you still need assistance, we would be more than happy to continue working with you on this - just let us know in a reply.
Thanks,
Levi