Restrict Remote VPN to a specific AD Group with NCC

LESPIAUC_Info_40

Hi,

I am trying to restrict Remote VPN to a specific AD group, but I can't do it.

Here are screenshots of my configuration:

Capture d'écran 2025-05-28 162531.png Capture d'écran 2025-05-28 162547.png Capture d'écran 2025-05-28 162558.png

Have I made a mistake?

Thanks

All Replies

  • LESPIAUC_Info_40

    Any ideas?

  • Zyxel_Melen

    Hi @LESPIAUC_Info_40,

    I did a local lab with your security policy. Based on these security policies, the VPN connection will always hit the deny rule, since the VPN user information hasn't been learned on the firewall.

    As a workaround, we can set some rules to block VPN traffic for non-VPN group users. Below is an example:

    image.png

    For your original purpose, I'm checking with our engineer. I will update you once I get an update.

    Zyxel Melen

