Hello everyone,

I'm trying to make use of the user based functionality on a 2920 and I'm finding it a bit confusing. It would be great if someone could give me some pointers.

The Scenario

I would like to use a single user account to apply certain firewall policies while I'm working remotely. If i'm at a location where I don't know what IP address I'll be using, I'd normally access the firewall management console remotely and modify firewall policies on a temporary basis - allowing RDP or SSH from a specified host IP for example. If you're out and about quite a bit, this can get annoying and there's always the risk you'll forget to remove these temporary policies. I'd much rather have a user based policy that allows RDP Any > Any once authenticated.

However I'd want to keep my IP existing based rule sets in place for fixed services where policies are not user based.

I'm not sure how to implement this in the Draytek. I notice that in each filter rule I have the option to select a user for use with user management, but this seems to have no effect on the policy behaviour. I've been reluctant to swich to user mode in the general firewall settings in case it interferes with the existing IP based policies.

Can anyone give me any advice on how to proceed or if the above scenario is even possible?

thanks!

Hi,

Please check the following link for example : http://www.draytek.com/user/SupportAppnotesDetail.php?ID=906

Hope this helps.

regards,

rj