I have an edge MX is connected directly to MS 425 and All my Server farm connected to MS425.
VPN client using 172.16.100.0/24 subnet and all remote users have access to all server's traffic via this subnet.
Now i decided to control some remote users to not going everywhere but how? I have no ACL in VPN client Also I have no option to make static VPN client IP for users, looks like VPN client in MX just makes DHCP without any option?!!!
Because we have many different Servers/Resources and remote users need to connect to a specific different server, i need to filter them via IP in ACL, at the moment because we have no control of VPN Client subnet, we can not do it.
VPN client IP Like a DHCP server with no option.
because the user pulling IP from VPN client DHCP, the user has different IP when they connected to VPN and next time it gets changed, so I can not make ACL based of IP.