Creating a UserVPN Profile
When you use a VPN (Virtual Private Network), a user is dynamically assigned a virtual IP address when connected to a gateway. You can define resource-access policies based on the users. For example, you can have one policy for all users and then give different policies to different departments and business groups.
The profile-based security policy lets you define security rules to a target address, protocol, and ports. The default rule for a profile can be configured as deny all or allow all during profile creation. This capability allows flexible firewall rules based on the users, instead of a source IP address.
The security policy is dynamically pushed to the landing VPN gateway when a VPN user connects. It is only active when a VPN user is connected. When a VPN user disconnects, the security policy is deleted from the VPN gateway.
To create a VPN Profile:
-
Go to Aviatrix CoPilot > CloudFabric > UserVPN > select the Profiles tab.
-
Click + Profile.
-
Enter the following information:
Setting | Description |
---|---|
Name |
Enter a clear name for the profile. |
Security Policy |
|
Base Policy |
Select one of the two radio buttons:
|
+ Deny Rule or + Allow Rule |
|
User |
To assign a user to this profile, enter the user’s name and press Enter. |
Click Save.
The VPN profile is saved.