Any way to force a disconnect for a client VPN connection?
I hope I am not being dense. The way I understand connections through the MX is once a connection is made it is kept alive until one end drops the connection. Is there anyway to force the drop from the MX end other than disconnecting the WAN?
For instance, a user has their VPN connection active through the MX and I want to disconnect them from my side. Say a user is being terminated or a malicious entity has somehow gotten in through one of the connected clients. Is there anyway to drop their traffic?
I tried through a Layer 3 rule, denying traffic from their IP, but the session was already connected and the endpoint still showed traffic. Luckily this time it was a test.
Re: Any way to force a disconnect for a client VPN connection?
I've tested this just now and it works, if you goto the devices, find their device and give them the policy of blocked, it will leave them connected to the VPN but they won't be able to actually do anything.