Restricting A User's Access to the Connect Tunnel Download Shortcut While Still Allowing Connection
03/26/2020 4 10461
Restricting A User's Access to the Connect Tunnel Download Shortcut While Still Allowing Connections From Connect Tunnel
On version 10.0.0 and later, there is a built-in Connect Tunnel resource which is used for two things:
- The link that shows up on WorkPlace which allows a user to install Connect Tunnel
- Controlling connections from Connect Tunnel clients
This knowledge item will explain how to use this resource in an ACL to keep users from seeing the link on WorkPlace while at the same time allow those who already have Connect Tunnel to still connect.
- In AMC, create a new deny rule from a user or a group of users to the built-in Connect Tunnel resource:
- Click Next at the bottom of the rule page to be taken to the Advanced options for this rule.
- Under Client software agents, select Selected and then select only Web Browser (HTTP/HTTPS):
- Save your new rule by clicking the Finish and add another button.
- Create a new permit rule, ordered after your previous deny rule, from a user or group of users to the built-in Connect Tunnel resource:
- Under Client software agents, select Selected and then select only Aventail Connect and/or Aventail OnDemand (TCP/IP):
Note: You can ignore the Invalid resources warning that appears in AMC.
- Save your rule by clicking the Finish button.
- Apply changes in AMC.