SSL VPN
Trusted Contributor
jozef.klacko
Posts: 142
Registered: ‎07-19-2010
0

Access to two separated network subnets

Hi all

 

Is this scenario on SA2500 possible?

I have two subnets, for example 10.1.1.0/24 and 10.2.2.0/24. They are separated, with no route between them.

I want to have access to both of them with one user account via the SA, so I created two VLAN ports with IPs in those subnets. I know I can also create virtual ports, but I cannot add virtual ports on a VLAN from another IP range. Could it be possible by mapping the user to two roles (Users - User Roles - role1 and role2), both with VLAN/Source IP checked, and with role mapping merging configured to "Merge settings for all assigned roles"? Are there any other possibilities?

 

Regards

Trusted Contributor
jozef.klacko
Posts: 142
Registered: ‎07-19-2010
0

Re: Access to two separated network subnets

Anybody?

Trusted Contributor
SonicBoom
Posts: 195
Registered: ‎07-06-2009
0

Re: Access to two separated network subnets

I'm going to take a stab at this. I know one way to do this is by creating a separate realm for the second subnet, so you would have users go to remote.network.com and, if they need to use the other VLAN, go to remote.network.com/vlan2 or whatever you would like to name it.

 

I know for a fact that if you map users to two roles with the same info, the first role is used and the second one is ignored. I think the other option is using Host Checker to detect the user's IP address and then perform some sort of redirect to the second role.

 

Hope this helps, or at least starts the ball rolling for you.

Power On
http://vology.com