How can I prevent users from connecting with non-approved devices?

guy
OpenVpn Newbie
Posts: 1
Joined: Tue May 23, 2017 3:20 pm

How can I prevent users from connecting with non-approved devices?

Postby guy » Tue May 23, 2017 3:46 pm

Our OpenVPN AS server setup is nearly finished. I have 20 licensed users, RADIUS integration for RBAC, two-factor authentication, routing is good and all traffic is controlled with a firewall for more granular control. I'm nearly ready to unveil this to my users, but it occurs to me that any user can just repeat the steps we've laid out for their work computers on their home PCs and they would be able to connect from devices that haven't been vetted by our team, and may not meet minimum security requirements.

Is there any mechanism that would prevent this?

rmkjr
OpenVpn Newbie
Posts: 1
Joined: Fri Jun 09, 2017 7:35 pm

Re: How can I prevent users from connecting with non-approved devices?

Postby rmkjr » Thu Jun 15, 2017 7:45 pm

the post auth script can check their adapter's MAC address. Their example script should give you a good starting point.

novaflash
OpenVPN Expert
Posts: 384
Joined: Fri Apr 13, 2012 8:43 pm

Re: How can I prevent users from connecting with non-approved devices?

Postby novaflash » Fri Jun 16, 2017 6:57 am

It's better if you contact us through the support ticket system and request the latest document that describes how to do this, it has more information. It's called the Post-auth MAC address script.


Return to “Access Server”

Who is online

Users browsing this forum: No registered users and 5 guests