[OpenVPN] Is there a way to define firewall rules based on AD group or user

Started by nekopep, June 10, 2023, 11:31:49 AM

I'm using OpenVPN with LDAP authentication connected to our Windows Active Directory.
When an OpenVPN client connects, it uses the user and password from AD (so OPNsense has the ability to know if a user is in a specific AD group).
I want to define some specific rules like: if user in "Developer Group" allow SSH to xxx.xxx.xxx.xxx internal IP.
Is there a way to do this on OpenVPN?
Thx!
(PS: I'm migrating from Stormshield, and it has this functionality)

Firewall > Aliases > OpenVPN group

should do the trick. I have not tried it with AD, though.
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)