access porta witj Vpn SSL only

Hello,
is it possible to access the access portal only after connecting with the SSL VPN?

Comments

  • james.carsonjames.carson Moderator, WatchGuard Representative

    Hi @Cristiano

    The access portal is designed to effectively replace the need for a VPN since it's securing the connections.

    Access portal relies in part on the SSLVPN, which is why they share access policies and ports. The Access Portal's access from the outside is governed by the "WatchGuard SSLVPN" policy on your firewall. Trying to block access to the Access Portal from the outside would also block access to the SSLVPN from the outside (meaning users won't be able to get on the VPN.)

    What specifically are you trying to accomplish by forcing users to connect to the SSLVPN first?

    -James Carson
    WatchGuard Customer Support

  • Hi James,

    exactly, i would like the user to connect in vpn first

  • james.carsonjames.carson Moderator, WatchGuard Representative
    edited May 17

    Hi @Cristiano

    Access portal is designed to be a replacement for using the VPN. This won't be possible as it goes against what the feature was designed to do.

    If you can give me an example of why this is needed, I'd be happy to get a feature request put in for it. Since it's going against what the feature is designed to do, I'd need to include very strong reasoning why this needs to be possible.

    -James Carson
    WatchGuard Customer Support

  • Hi James,

    maybe I still haven't understood how it works, is that access to the portal seems pretty simple and unsafe, but if you tell me that it has been designed to replace the VPn ok, is it possible to implant us the authpoint?

    Thank you

  • james.carsonjames.carson Moderator, WatchGuard Representative

    Hi @Cristiano

    The Access Portal is compatible with AuthPoint. You can set that up using the guide here:

    (Firebox Access Portal Integration with AuthPoint)
    https://www.watchguard.com/help/docs/help-center/en-US/Content/Integration-Guides/AuthPoint/access-portal-saml_authpoint.html

    The access portal itself renders a connection (via SSH, RDP, or HTTPS proxy) via a TLS connection to the client. This encrypts the traffic and displays whatever the end user needs to do in the webpage itself. It's safe to use Access Portal without a VPN because it encrypts the connection.

    For an overview about what Access Portal is and does, I'd suggest looking at the docs page here:

    (About Access Portal)
    https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/services/access portal/access_portal_about.html

    -James Carson
    WatchGuard Customer Support

  • Tank you James

Sign In to comment.