SSL VPN
Reply
Contributor
BHPCI
Posts: 10
Registered: ‎07-17-2009
0
Accepted Solution

Best way to provide connectivity through SA4500

I'm a noob on the SA so forgive me if this seems simple...I need to provide access to 15 consultants world wide to about 20 internal development servers (Linux OS) for about 3 months.  Using a local user database, the users need full access to these servers that have been segmented off of our regular internal network.  What is the best way to accomplish this?

Trusted Contributor
rdit
Posts: 154
Registered: ‎07-04-2008

Re: Best way to provide connectivity through SA4500

do you have those internal development servers in a DMZ? cause if you allow RDP/SSH to only those internal machines, without any firewall in between, this may cause a security issue. they could use it as jumgate to access other resources at your network.

 

but to answer your question: you can do this by adding a network connect role and allow those servers for this usergroup in the ACL. you could also do it by using terminal services for ssh.

Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.