Got it
Huawei Enterprise Support Community
Community Forums Security
Resource access control f...

Resource access control for SSL VPN users by the USG

Created: Sep 30, 2021 11:38:25Latest reply: Sep 30, 2021 11:41:59 237 3 0 0 0
  Rewarded HiCoins: 0 (problem resolved)
View the author 1#

Hello Community 


My question is about Resource access control for SSL VPN users if it's supported by USG or not


Thank you.

Like (0) Dislike (0) Favorite(0) Share Report
Previous: SSL VPN
Next: Procedure of Importing SSL VPN users to the USG6000 from the server
Featured Answers

Best answer

(0) (0)
fuzi_yao
Admin Created Sep 30, 2021 11:41:59

Hi  friend,
Do you mean that users are only allowed to access some intranet resources? SSL VPN support, you can see the manual port extension, web proxy.

View more
  • x
  • convention:

Recommended answer

(0) (0)
tubaboraka
MVE Author Created Sep 30, 2021 11:40:44

Hi

The USG controls the resources accessible to SSL VPN users. On the USG2000 or USG5000, access control policies can be configured. There are three types of access control policies:

  1. Source IP address: The USG determines whether a user can access internal resources based on the source IP address.

  2. Destination IP address: The USG determines whether a user can access internal resources based on the destination IP address and port.

  3.  Uniform resource locator (URL): The USG determines whether a user can access internal resources based on the resource URL. Access control policies can apply to users or user groups. On the USG6000, access control can be implemented based on roles. The details are as follows:

    1. Service enablement: Specify services available for specified roles, including web proxy, network extension, file sharing, and port forwarding.

    2. Resource authorization: Specify accessible resources if a specified service is enabled. If no resource is specified, users of the specified role cannot access any resources. After the network extension service is enabled, users can access all IP resources.

View more
  • x
  • convention:
All Answers
(0) (0)
2#
Chenxintao
Chenxintao Admin Created Sep 30, 2021 11:39:23

Hello, dear!
It's nice to meet you in the community.
We're working on your problem. Please be patient.
View more
  • x
  • convention:
(0) (0)
3#
tubaboraka
tubaboraka MVE Author Created Sep 30, 2021 11:40:44

Hi

The USG controls the resources accessible to SSL VPN users. On the USG2000 or USG5000, access control policies can be configured. There are three types of access control policies:

  1. Source IP address: The USG determines whether a user can access internal resources based on the source IP address.

  2. Destination IP address: The USG determines whether a user can access internal resources based on the destination IP address and port.

  3.  Uniform resource locator (URL): The USG determines whether a user can access internal resources based on the resource URL. Access control policies can apply to users or user groups. On the USG6000, access control can be implemented based on roles. The details are as follows:

    1. Service enablement: Specify services available for specified roles, including web proxy, network extension, file sharing, and port forwarding.

    2. Resource authorization: Specify accessible resources if a specified service is enabled. If no resource is specified, users of the specified role cannot access any resources. After the network extension service is enabled, users can access all IP resources.

View more
  • x
  • convention:
(0) (0)
4#
fuzi_yao
fuzi_yao Admin Created Sep 30, 2021 11:41:59

Hi  friend,
Do you mean that users are only allowed to access some intranet resources? SSL VPN support, you can see the manual port extension, web proxy.

View more
  • x
  • convention:
Back to list

Comment

Advanced
B Color Image Link Quote Code Smilies
You need to log in to comment to the post Login | Register
Comment

Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " User Agreement."

My Followers

Login and enjoy all the member benefits

Login
Huawei Website Support About Huawei Privacy User Agreement Terms of Use Cookies Cookie Settings
Huawei Enterprise Huawei Carrier Forum Training & Certification

Contact Us: e_online@huawei.com Copyright © 2022 Huawei Technologies Co., Ltd. All rights reserved.

APP

Block
Are you sure to block this user?
Users on your blacklist cannot comment on your post,cannot mention you, cannot send you private messages.
Reminder
Please bind your phone number to obtain invitation bonus.