How to allow user to Remote Desktop to server on their subnet that they are belong to?

Question

I configured the webtop to allow users to enter their Remote Desktop Connection IP address to AWS EC2 instance.  Next, I want to only allow specific groups to have access on their AWS VPC subnet.  We managed multiple AWS VPC for different program groups.&nbsp;
Right now, user can enter IP address for RDP that belong to another program VPC subnet.&nbsp;
For example:
User (from Program1) should only RDP to any servers on their subnet 10.0.1.0/24, but they can still RDP to any servers to another Program subnet.  I need to find a way for Program1 only have RDP access to their subnet 10.0.1.0/24 not other subnet.&nbsp;
I tried using ACLs, but the problem is that Remote Desktop object on F5 is part of ACL and I’m using variable: %{session.logon.last.ipaddress}:3389 which will allow any IP address.  It will never go to the next ACL in order.  See picture:&nbsp;
&nbsp;
Any idea how I can do this?&nbsp;

stanislas_piro2 · Answer

change ACL order to set user-defined ACL before Remote desktop ACL.&nbsp;

Forum Discussion

How to allow user to Remote Desktop to server on their subnet that they are belong to?

1 Reply

Recent Discussions

Open Redirection Mitigation

F5Access | MacOS Sonoma

enable tls1.2 on management interface on F5 ltm running version 10.x

[ASM] - what is "Browser Challenge file" ?

SMS server with BIGIP

Related Content

F5 Sending syslogs with two hostname to remote syslog server

Remote Active Directory

ASM Logging profile w/ Remote Storage

problem native windows remote desktop

Remote Desktop Connection to Internal Servers