OPNsense Forum

English Forums => Virtual private networks => Topic started by: nekopep on June 10, 2023, 11:31:49 AM

Title: [OpenVPN] Is there a way to define firewall rules based on AD group or user
Post by: nekopep on June 10, 2023, 11:31:49 AM
I'm using OpenVPN with LDAP authentication connected to our Windows Active Directory.
When an OpenVPN client connects, it uses the user and password from AD (so OPNsense has the ability to know if a user is in a specific AD group).
I want to define some specific rules like: if user in "Developer Group" allow ssh to xxx.xxx.xxx.xxx internal IP.
Is there a way to do this on OpenVPN?
Thx!
(PS: I'm migrating from Stormshield, and it has this functionality.)
Title: Re: [OpenVPN] Is there a way to define firewall rules based on AD group or user
Post by: Patrick M. Hausen on June 10, 2023, 11:46:16 AM
Firewall > Aliases > OpenVPN group

should do the trick. I have not tried it with AD, though.
Title: Re: [OpenVPN] Is there a way to define firewall rules based on AD group or user
Post by: jesusdleguiza on August 31, 2024, 04:51:28 PM
Hi, does it work? Regards