Support Center > Search Results > SecureKnowledge Details
Policy Verification Error: "Only User Groups are allowed as Source in VPN and Client Authentication Rules"
Symptoms
  • Policy verification fails with the error: "Only User Groups are allowed as Source in VPN and Client Authentication Rules"
  • There is a rule with "Remote Access" in the VPN column and an Access Role in the source.
Cause

Access Roles for the Identity Awareness enforcement cannot be used in rules where the VPN column contains a community (Remote Access or other).


Solution

To add users/groups as source for Remote Access VPN rules:

Right click in the source column of the Rule Base and select Add Objects > Legacy User Access

In rules with Access Roles, set the VPN column to "Any Traffic".

This solution has been verified for the specific scenario, described by the combination of Product, Version and Symptoms. It may not work in other scenarios.

Give us Feedback
Please rate this document
[1=Worst,5=Best]
Comment