access porta witj Vpn SSL only
Hello,
is it possible to access the access portal only after connecting with the SSL VPN?
0
Sign In to comment.
Hello,
is it possible to access the access portal only after connecting with the SSL VPN?
Comments
Hi @Cristiano
The access portal is designed to effectively replace the need for a VPN since it's securing the connections.
Access portal relies in part on the SSLVPN, which is why they share access policies and ports. The Access Portal's access from the outside is governed by the "WatchGuard SSLVPN" policy on your firewall. Trying to block access to the Access Portal from the outside would also block access to the SSLVPN from the outside (meaning users won't be able to get on the VPN.)
What specifically are you trying to accomplish by forcing users to connect to the SSLVPN first?
-James Carson
WatchGuard Customer Support
Hi James,
exactly, i would like the user to connect in vpn first
Hi @Cristiano
Access portal is designed to be a replacement for using the VPN. This won't be possible as it goes against what the feature was designed to do.
If you can give me an example of why this is needed, I'd be happy to get a feature request put in for it. Since it's going against what the feature is designed to do, I'd need to include very strong reasoning why this needs to be possible.
-James Carson
WatchGuard Customer Support
Hi James,
maybe I still haven't understood how it works, is that access to the portal seems pretty simple and unsafe, but if you tell me that it has been designed to replace the VPn ok, is it possible to implant us the authpoint?
Thank you
Hi @Cristiano
The Access Portal is compatible with AuthPoint. You can set that up using the guide here:
(Firebox Access Portal Integration with AuthPoint)
https://www.watchguard.com/help/docs/help-center/en-US/Content/Integration-Guides/AuthPoint/access-portal-saml_authpoint.html
The access portal itself renders a connection (via SSH, RDP, or HTTPS proxy) via a TLS connection to the client. This encrypts the traffic and displays whatever the end user needs to do in the webpage itself. It's safe to use Access Portal without a VPN because it encrypts the connection.
For an overview about what Access Portal is and does, I'd suggest looking at the docs page here:
(About Access Portal)
https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/services/access portal/access_portal_about.html
-James Carson
WatchGuard Customer Support
Tank you James