I’m hoping someone can point me in the right direction or give me some advice on how we can accomplish the below.
What I would like to do is control access to subnets via Active Directory security groups, so if a user is in a certain security group they will be denied access to one subnet and have access to all other subnets.
I’m currently running a VMware cluster which hosts my production and demo environments and I now need to separate our demo systems from our production environment. We are planning to keep our production environment on 192.168.3.0/24 and create a new subnet 192.168.4.0/24 and move all my demo systems into this subnet using VLANs. All my users’ desktops will be left on the production network (192.168.3.0/24). I need to restrict access to some of my users accessing the demo environment and I would like to control this through AD.
Can you please advise me how I would accomplish this or if this is a good way to go?