Scenario 2

We will define two groups that only admin group members will reach the web service

Let's start

• Create a webserver service (select Tcp/Udp) that targets your local network machine (for example 192.168.50.150) with tcp 80
• Note assigned ip, we will use it for checking
• Create an admin group
• Create an remote group
• Add your user to admin group
• Create a user with named remoteuser and add to remote group
• Create a policy authentication rule for accessing my network, select admin group and remote group
• Create a policy authorization rule for access webserver service to access admin group

Client Install

Install a client with following clients document

Check

Open client, and connect to zero trust, with admin user first and follow below

• Get webserver service assigned ip address, from above

• Then on bash or powershell

    curl web

    curl 'ip'

Reconnect again with remoteuser and check it again

Example