Support Center > Search Results > SecureKnowledge Details
Allowing specific access to different RADIUS users based on User Groups using Client Authentication
Symptoms
  • Although two distinct RADIUS authenticated User Groups were defined, in Rule Base cannot distinguish between access privileges based on RADIUS authentication, and access privileges based on User Groups.
  • generic* is a member of both User Groups.
Cause
The User Groups created on FireWall-1 were configured with generic* as a member. You cannot separate the generic* user into two User Groups, as generic* then becomes a member of both groups. Thus, giving access to the resources that generic* is allowed via the created rules.
Solution
Note: To view this solution you need to Sign In .