Not as you've laid them out. UTM is not a NAC and cannot filter access from VPN to different authentication types based on the OS of the client system they are using. If you want to limit access to internal hosts for VPN users, here's how to do it simply with SSL VPN. Let's say we have two remote users, Fred and Barney. Fred should have remote access to a machine on the LAN with IP 192.168.50.7 only. Barney gets access to anything on the LAN. Go to Remote Access>>SSL>>Profiles, and create a new profile. In Users and Groups, add the account for Fred. In Local Networks, add a host definition for 192.168.50.7. Keep the auto firewall rule checked. Now create a new Profile for Barney. The only difference here is you'll add Internal (Network) to Local Networks, Done. For Win machines, the UTM comes with the SSL VPN client software, which users can download from the user portal, once they are added to a VPN profile. OSX and Linux users can get the config from the user portal and install an applicable OpenVPN client.
↧