FortiGate
acp
Staff
Article Id 195838
Description
This article describes how to bind an SSL VPN user or group to a specific source IP address, so that a user is only authenticated when connecting from the public IP expected for that group.

Solution
Network diagram.

Scenario 1.
User1 and User2 both connect from Public_IP_1.
User1 of User1Group1 from PC1 with Public_IP_1 can connect to ssl_vpn.
User2 of User2Group2 from PC2 with Public_IP_1 cannot connect to ssl_vpn.
Scenario 2.
User1 and User2 both connect from Public_IP_2.
User1 of User1Group1 from PC1 with Public_IP_2 cannot connect to ssl_vpn.
User2 of User2Group2 from PC2 with Public_IP_2 can connect to ssl_vpn.





1) User and user group configuration.

In this example the users and user groups are local (defined on the FortiGate).

- Go to User & Device -> User.
- Configure the group User1Group1 with the user 'User1'.
- Configure the group User2Group2 with the user 'User2'.



2) Firewall address configuration.

Create the firewall address objects Public_IP_1 and Public_IP_2, containing the public source IP of PC1 and PC2 respectively. These objects are referenced later in the SSL VPN settings and in the authentication rules.




3) Create the SSL VPN portal.

- Go to VPN -> SSL -> Portals.
- Configure a portal named 'full-access-1'.







4) Configure the SSL VPN connection settings.

Go to VPN -> SSL -> Settings.

- Select the listening interface (port3 in this example) and the listening port.
- Restrict access to SSL VPN to the address objects defined previously (Public_IP_1, Public_IP_2).
- Map each user group to its SSL VPN portal (Authentication/Portal Mapping).





Note:
At this point the address objects only act as a global restriction on the SSL VPN listener, and each group is mapped to a portal, but there is no exclusive binding of a group to a public IP yet: User1 can still connect from both Public_IP_1 and Public_IP_2, and so can User2.

The requested behavior is only available from the CLI, by setting source-address on each authentication-rule under the SSL VPN settings. Authentication rules are evaluated top-down and the first matching rule wins, so keep the binding for each group in its own rule. Also review default-portal under config vpn ssl settings and the firewall policy of step 5, so that a user who matches no authentication rule is not still granted access through another path.

- Connect to the CLI (for example via SSH) and set source-interface (port3 only in this case) and source-address on each authentication rule. The names must match the address objects and groups exactly, with no extra spaces inside the quotes.

config vpn ssl settings
    config authentication-rule
        edit 1
            set source-interface "port3"
            set source-address "Public_IP_1"
            set groups "User1Group1"
            set portal "full-access-1"
        next
        edit 2
            set source-interface "port3"
            set source-address "Public_IP_2"
            set groups "User2Group2"
            set portal "full-access-1"
        next
    end
end
5) Configure the firewall policy.

Go to Policy & Objects -> Policy -> IPv4.

Create a policy from the SSL VPN tunnel interface (ssl.root) to the internal network, with the SSL VPN tunnel address range as source address and the groups User1Group1 and User2Group2 as source users, so that only authenticated members of those groups are allowed through.



Test 1.
Try to login from Public_IP_1 with User1 and User2.
Expected result: User1 (User1Group1) connects; User2 (User2Group2) is refused, because authentication rule 2 binds User2Group2 to Public_IP_2.




Test 2.
Try to login from Public_IP_2 with User1 and User2.
Expected result: User2 (User2Group2) connects; User1 (User1Group1) is refused, because authentication rule 1 binds User1Group1 to Public_IP_1.
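As an added check (example code written for this article, not Fortinet's own tooling), the following Python script parses the text printed by show vpn ssl settings, flags any authentication rule that leaves source-address or source-interface unbound, and simulates the top-down rule matching for the four user/IP combinations of the two scenarios above. The configuration embedded in it is constructed: it reproduces the two rules of this article and adds a hypothetical third rule for a group User3Group3 with no source-address, to show what the audit reports. It assumes that show omits default values and that the default source-address of an authentication-rule is "all".

```python
"""Audit FortiOS SSL VPN authentication rules for source-IP binding.

Added example, not code from the original KB article or from Fortinet: it
parses the text printed by `show vpn ssl settings` and reports every
authentication-rule that does not bind its group(s) to a specific source
address, i.e. a group whose members could connect from any public IP.
"""
import shlex

# Constructed sample, modelled on the CLI block in the article, plus a
# deliberately unbound third rule (edit 3) to show what the audit flags.
SAMPLE_SETTINGS = """\
config vpn ssl settings
    set servercert "Fortinet_Factory"
    set source-interface "port3"
    set source-address "Public_IP_1" "Public_IP_2"
    set default-portal "web-access"
    config authentication-rule
        edit 1
            set source-interface "port3"
            set source-address "Public_IP_1"
            set groups "User1Group1"
            set portal "full-access-1"
        next
        edit 2
            set source-interface "port3"
            set source-address "Public_IP_2"
            set groups "User2Group2"
            set portal "full-access-1"
        next
        edit 3
            set groups "User3Group3"
            set portal "full-access-1"
        next
    end
end
"""


def parse_authentication_rules(config_text):
    """Return one dict per `edit N ... next` entry inside
    `config authentication-rule`; `set` values become lists of names."""
    rules, current, in_table = [], None, False
    for raw in config_text.splitlines():
        line = raw.strip()
        if not in_table:
            in_table = line == "config authentication-rule"
            continue
        if line == "end":              # closes the authentication-rule table
            break
        if line.startswith("edit "):
            current = {"id": int(line.split()[1])}
        elif line == "next" and current is not None:
            rules.append(current)
            current = None
        elif line.startswith("set ") and current is not None:
            parts = shlex.split(line)  # handles quoted names with spaces
            current[parts[1]] = parts[2:]
    return rules


def rule_sources(rule):
    # Assumption: `show` omits defaults, and the default source-address of an
    # authentication-rule is "all", so a rule without the setting is unbound.
    return rule.get("source-address", ["all"])


def audit_rules(rules):
    """Return (rule id, members, problem) for every rule that leaves the
    source unrestricted, which is exactly the state the article warns
    about after the GUI-only steps."""
    findings = []
    for rule in rules:
        members = rule.get("groups", []) + rule.get("users", [])
        if "all" in rule_sources(rule):
            findings.append((rule["id"], members, "source-address not bound"))
        if "source-interface" not in rule:
            findings.append((rule["id"], members, "source-interface not bound"))
    return findings


def first_matching_portal(rules, group, source_name):
    """Simulate top-down rule matching for a member of `group` arriving from
    the address object `source_name`; returns the portal of the first rule
    that matches, or None. Compares address-object names, not prefixes,
    which is enough to check the group-to-IP bindings."""
    for rule in rules:
        if group not in rule.get("groups", []):
            continue
        sources = rule_sources(rule)
        if "all" in sources or source_name in sources:
            return rule.get("portal", [None])[0]
    return None


if __name__ == "__main__":
    parsed = parse_authentication_rules(SAMPLE_SETTINGS)
    for rule_id, members, problem in audit_rules(parsed):
        print(f"rule {rule_id} ({', '.join(members)}): {problem}")
    for grp, src in [("User1Group1", "Public_IP_1"), ("User1Group1", "Public_IP_2"),
                     ("User2Group2", "Public_IP_1"), ("User2Group2", "Public_IP_2")]:
        print(f"{grp} from {src}: {first_matching_portal(parsed, grp, src)}")
```

Run against a real configuration by replacing SAMPLE_SETTINGS with the saved output of show vpn ssl settings; rules 1 and 2 produce no findings, while the hypothetical rule 3 is reported twice (no source-address, no source-interface), and the simulated matches reproduce the results of Test 1 and Test 2.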



