Restrict External TS access via SBS2003/Citrix Access Essentials

Pol0x used Ask the Experts™
Setup is this. DM=SBS 2003, Citrix Access Essentials is used via TS for remote facilities to access server hosted applications. The remote facilities are connected using VPN tunnels via Sonic Wall. Internal access is established by accessing a secondary IP on the Citrix server. External access is used via https registered subdomain. I need to allow all authenticated users access to the Citrix server via VPN tunnel (using TS). This is how it is currently setup. I also need to restrict at the same time some of the same users access via https (from home) without restricting them while they are at the facility (using the VPN). The problem Im having is I can restrict TS for a user account but that will also prevent them from using TS while they are accessing via VPN tunnel. I dont know if im complicating a simple issue or if what is requested, not possible.
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Do your users access a web interface to connect?  If so I would recommend you create two sites.  One for external users and one for regular users and then implement "Restrict Access" from thomas Koetzing.

This will allow you to deny users access based on security groups in AD.  Therefore regulars during the day can hit the normal WebI, but when users log in from home, they hit the WebI that says if they are not in the "VPN User" security group, they cannot log in.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial