11-04-2010 01:15 PM
I use the same radius-server (IAS) for Web authentication and Dynamic vpn. But thus Dynamic VPN users can use the login for access to Web authentication. How can I restrict it? Can SRX send different identificator for Dynamic VPN and Web authentication.
11-08-2010 08:41 AM
Unauthorized class? What is it?
According to what I've read this should be possible by assigning the remote user template to the unauthorized class of permissions.
So essentially you'd type set system login user remote class unauthorized. It may need tweaking to allow for Dynamic VPN access though.
Hope this helps.