INTRODUCTION
Access rules in the User Rights settings are treated very similarly to the rules in the Computer Rights setting.
In order for a rule within the User Rights setting to take effect, it necessitates the presence of a registered Connection Suite user currently logged in through the IP login interface on the originating computer from which the packet originates.
This implicit rule remains unaffected by other settings; thus, even if a rule is entirely blank, it will only be applicable if a user is logged into the source computer.
Moreover, if a user rule specifies a value in the User group setting, the logged-in user must belong to that designated group. A blank User group setting is construed to encompass any user.
Additionally, User Rights rules are handled in the same manner as Computer Rights rules. It's essential to note that Computer rules hold precedence over rules with User Rights (Authentication).
EXAMPLE 1
The following rule specifies that to access the internet via the 10.0.0.0/24 network, users must authenticate using a valid Dualog account assigned to the Crew User group to utilize the internet through the Dualog system.
EXAMPLE 2
The following rule dictates that accounts within the Captain User group, upon logging in and authenticating on any available network onboard, will exclusively be granted internet access to teams.com.
STEPS
- On the Dualog Portal > go to the main menu on the left > Connection Suite > Network Control
- Configure network control > select a vessel under ship config (If you want to create a ship specific rule, otherwise, click on Firewall rules for organization-wide)
- Under Firewall > Create Ship Rule
- Check on the box "Require user login"
- Select a user group
- Add destination if required (If no destination is added, it will indicate full internet access)
- Create Rule
Comments
Article is closed for comments.