Applying Network Policies to Groups within a User Authentication System
How to apply network policies to multiple user groups within the user authentication system.
Log into SputnikNet, then navigate to the user authentication system overview.
SputnikNet's user authentication system is unique in that it can include multiple groups, each with its own set of network policies. Authenticated users can be assigned to specific groups, and inherit group-specific policies when they log in.
To set up groups and apply network polices to them, log into SputnikNet and click on "Users" from the Authentication menu.
Select a user authentication system.
Add multiple groups.
Edit a group's network policies.
Note that in addition to the groups we created, an "all" group is created by default. This group contains all users and can be used for authentication system-wide network policies.
Click on "[Edit]" under "Network Policies" for the "all" group. These are policies that apply to all authenticated users.
Select the network policies that you want to apply to all groups.
Select the network policies that you want to apply to a specific group.
Select the network policies that you want to apply to additional groups.
Continue to define policies for various groups. Here, we apply "Block Private Nets" and "Guest Printer Access" to the Club Members group.
NOTE: if you want to control the order that policies apply, select them sequentially, one by one, and click "Update Policies" after each new policy. In this case, we would want "Guest Printer Access" to apply first in order to allow connections to the local printer before the "Block Private Nets" rule restricts local network access. However, there is one exception: the standard "Block Private Nets" rule defined in SputnikNet is always applied last. Therefore, in this specific example, we would click both network policies and then click "Update Policies" once.
Review network policies.
You will see a list of network policies in the order they will be applied for each group. Click on "[Edit]" to make any further changes to the group, or on the name of a network policy if you want to view more information or modify it.
As noted, if a user is a member of more than one group, policies are applied to them first in group order, then in network policy order. In this example, "Club Member" users would have policies applied to them in the following order: 1. Content filtering (because they are a member of "all"), 2. Guest Printer Access, 3. Block Private Nets.