Howto - Userbased rules

Last modified on 27 Feb, 2024. Revision 7
Up to date for
Core 14.00.12
Supported since
Core 13,00,09
Status OK
Author
Tobias Vestin

Prerequisites


  1. Oneconnect server configured
  2. Utilizing Local user database



Creation: Local user database

Head to: System > Device > Users > Local User database

Proceed to create a local user database by giving it a name.

Then head over to Users under the newly created database and add a new user.

In this example we are adding Tiffany.

The important inhere in order to determine rules for Tiffany is the Groups, Tiffany will in this case be apart of permissions1.


Creating: IP4 Address object with groups

If you followed the previous step you should now have the user Tiffany, if the Local user database she belongs to is used in the OneConnect server she is able to login but still don’t have any specific permissions.

To give Tiffany the permissions we need to create an IP4 Address object that search for those groups shes apart of.

Head to: Objects > General > Address Book

Add >IPv4 Address

In this example we are using the address range 0.0.0.0/0, so she may be assigned any address by the OneConnect server, you may also narrow it down to a single ip or the full range of the OneConnect pool.

Head to the next tab: User Authentication

Now give the object the permissions to look for


Creating: Policy using Tiffanys object

You are now able to set policies for Tiffany,

https://docs.clavister.com/repo/cos-core-administration-guide/doc/Rules.html#IP_policies


Related articles

Brian Smart Search (Beta)
15 Jan, 2024 dictionary troubleshoot core stream incontrol incenter oneconnect cloudservice
Configure Clavister OneConnect using deep links
13 Jun, 2022 oneconnect macos ios windows android
Configure Clavister OneConnect for macOS, iOS and iPadOS towards NetWall
28 Apr, 2023 openconnect oneconnect macos ios iphone
Configuring public certificates in NetWall firewalls
18 Mar, 2024 core certificate oneconnect ipsec vpn
Configure the Android OpenConnect client towards Clavister NetWall
23 Aug, 2022 sslvpn openconnect oneconnect android core
Configure Clavister OneConnect for Windows towards Clavister NetWall
29 Oct, 2021 sslvpn openconnect oneconnect windows
Automatic scheduled backup of InControl server database
5 Feb, 2021 incontrol howto backup windows
Lets Encrypt - error 9814 - chain had an expired certs
13 Oct, 2021 oneconnect macos openconnect ios
Certificate update in InControl global domain on certificate that is used on firewall(s)
18 Mar, 2024 core incontrol certificate oneconnect ipsec vpn
Configure Linux OpenConnect towards Clavister NetWall
5 Mar, 2021 sslvpn openconnect oneconnect linux core
Configuring SSL-VPN / OneConnect server on secondary Firewall IP address
8 Apr, 2021 core sslvpn oneconnect interfaces arp
OneConnect VPN certificate not trusted
18 Mar, 2024 onetouch sslvpn oneconnect troubleshoot certificate
Configuring a Captive Portal in cOS Core
12 Apr, 2023 howto core authenticator authentication webauth captive
Using Multicast DNS with cOS Core
24 May, 2021 core howto mdns multicast transparentmode airprint igmp dns
How to perform an offline installation of InControl
26 Jan, 2022 howto incontrol installation
Install OneConnect without Microsoft store
25 Feb, 2022 oneconnect windows howto
Automation of Lets Encrypt certificate updates
23 Jan, 2024 core howto certificate management letsencrypt
Changing the certificate used by the OneConnect client/server
28 Nov, 2022 core configuration oneconnect
Clavister OneConnect server using cOS Core as CA Server
11 May, 2023 oneconnect certificate howto
How to setup a simple cloud-init environment for testing
30 Nov, 2020 howto core cloud-init dhcp
Background apps premission
27 Aug, 2024 oneconnect windows
Configure the OpenConnect-GUI client towards Clavister NetWall
23 Aug, 2022 sslvpn openconnect oneconnect macos windows linux core