User profiles tab
All servers configured in the SSL VPN module are listed on the Stormshield Network authentication portal by default. As such, users who have the right to access SSL VPN features on the firewall have access to all the servers configured by the administrator. The concept of using profiles enables determining which users will have access to which servers configured in SSL VPN.
Configuring a profile
Adding a profile
The procedure for adding a profile to the list of available SSL VPN profiles is as follows:
- Click on Add.
- Specify the name of the profile.
- From the list of “Accessible web servers” and “Accessible application servers”, select the servers that will be accessible to users that belong to this profile.
- Click on Apply to activate the configuration.
Profiles cannot be created if there is not at least 1 configured SSL VPN server.
Deleting a profile
The procedure for deleting a profile is as follows:
- Select the profile you wish to delete.
- Click on the button Remove.
Using a profile
Profiles can be used in 2 ways:
- Either as a default profile in SSL VPN configuration,
- Or assigned to one or several users as the specific profile of these users.
Using a profile as a default profile
The procedure for using a profile as the default profile in SSL VPN configuration (users who do not have a specific profile will be assigned this default profile) is as follows:
Create a profile in SSL VPN > User profiles.
Define the profile to be used as the default profile (name of the profile and associated servers) in the configuration menu Users > VPN Access privileges > default access > SSL VPN.
Using a profile as the specific profile for one or several users
The procedure for using a profile as the specific profile for one or several users (regardless of the list of servers defined by the default profile, these users will possess a list of specific servers) is as follows:
- Define the profile to be used as the specific profile (name of the profile and associated servers) in User profiles in the SSL VPN module.
- Click on Apply to apply the changes.
- In the module Users > VPN Access privileges > VPN access, select the user from the “SSL VPN” column
- Select the profile defined earlier.
- Click on Apply.