Can I limit a user account to specific network devices only

Using a FB T-10 and the internal auth server. I would like to limit Firebox authentication of certain users to only certain network devices.
For example: User1 can only login on PC1 and Tablet1. User2 can login using any device.
In essence, I would like to limit certain users to be able to login only on certain devices and/or block certain user accounts FROM logging into certain devices.
I am not sure whether the internal FB DB can do something this specific or whether I would need a RADIUS server or some other external auth server.
Would like to clarify if I can and how. So far I cannot find where I could do it using the internal firebox auth server and setup.

Thanks.
If this has been asked and answered much earlier a link to it would be great.

Comments

  • No way to do this with XTM using the authentication applet and Firebox-DB.

    You would need an authentication process which also checks the IP addr of the device or possibly the MAC address of the device.
    For the IP addr check method, you would need a known IP addr for each device, possibly via DHCP reservations.
    For the MAC addr check method, your devices could not be behind another routing device.

  • Thanks Bruce. I thought that would be the case using just the internal DB.
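
The check described in the first reply, as an added example that is not part of the original thread and is not a Firebox feature: an external authentication step that, after the password is verified, maps the source IP to a device through DHCP reservations and applies per-user allow and block lists. The device table, addresses, the `User3` account and all function names are assumptions made up for illustration.

```python
import ipaddress

# Constructed inventory (all values made up): device -> (DHCP-reserved IP, MAC).
DEVICES = {
    "PC1": ("10.0.1.21", "00:11:22:33:44:01"),
    "Tablet1": ("10.0.1.22", "00:11:22:33:44:02"),
    "PC2": ("10.0.1.23", "00:11:22:33:44:03"),
}
# Users listed here may log in only from these devices; others are unrestricted.
ALLOWED = {"User1": {"PC1", "Tablet1"}}
# Users listed here are blocked from these devices (User3 is a hypothetical account).
BLOCKED = {"User3": {"PC2"}}


def norm_mac(mac):
    """Reduce 00:11:.., 00-11-.. or 0011.2233.4401 to 12 lowercase hex digits."""
    digits = "".join(c for c in mac.lower() if c in "0123456789abcdef")
    if len(digits) != 12:
        raise ValueError(f"not a MAC address: {mac!r}")
    return digits


def device_by_ip(src_ip):
    """Map a source IP to a device name through the reservation table, else None."""
    ip = ipaddress.ip_address(src_ip)
    for name, (reserved_ip, _mac) in DEVICES.items():
        if ipaddress.ip_address(reserved_ip) == ip:
            return name
    return None


def may_login(user, src_ip, src_mac=None):
    """Device check for a user whose password has already been verified."""
    device = device_by_ip(src_ip)
    # A MAC is only visible when the client is not behind another routing device;
    # when one is supplied it must match the reservation for that IP.
    if device and src_mac is not None:
        if norm_mac(src_mac) != norm_mac(DEVICES[device][1]):
            return False
    if device in BLOCKED.get(user, set()):
        return False
    if user in ALLOWED:
        return device in ALLOWED[user]
    return True
```

Both the IP address and the MAC address can be set by the client, so this check narrows where an account is used rather than proving which device is connecting.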
