Access Role - Remote Access Clients

What can I do here?

Use this window to assign the access role to remote access clients.

Access Roles for Remote Access

For R80.x gateways, create Access Roles for Remote Access and VPN Clients to include them in rules in the Access Control Rule Base. This applies to Mobile Access and IPsec clients. When an Access Role for a client is in the Source column of a rule, the rule applies to traffic that originates from that client.

You can also use an Access Role in the Destination column.

You must enable Identity Awareness on each gateway that is an installation target for rules with Access Roles.

Creating Access Roles for Remote Access and VPN Clients

To create an Access Role for a new Remote Access or VPN client:

1. Open a New Access Role window in one of these ways:
   • In the object tree, click New> More > User > Access Role.
   • From the Source column of the Access Control policy Rule Base: Click > click > select Access Role.
2. Enter a Name for the access role.
3. Optional: Enter a Comment or click the down arrow to select a Color for the object.
4. From the left pane, select Remote Access Clients.
5. Expand the Specific Client list and click New > Allowed client.
6. Click to select a client and enter an object name.
7. Click OK.
8. Optional: To make the Access Role include only specified users, select Users from the left pane and define the allowed users.
9. Click OK.