Is there a way to restrict access to Azure resources for certain point-to-site users? For example, I want to allow a P2S VPN user to have access to one VM but not another, or one subnet but not others. Right now it seems like once you are in, you are in for everything that that VNET can access.
1 Answer
To restrict some clients' access to Azure resources like a VM or subnet, you could add inbound port rules in the network security groups associated with the subnet or the NIC of the VM. The Source in the security rules would be the internal IP on the VPN client machine that connects to Azure resources with a point-to-site connection.
For more information, you could refer to the Azure network security overview.
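The rules described in the answer above, sketched with the Azure CLI as an added example (not part of the original answer). The resource group, NSG name, address pool, client addresses and destinations are constructed placeholders, and the example assumes each client's VPN address is known and stays fixed.

```shell
#!/bin/sh
# Added example: build per-client NSG rules for point-to-site VPN users.
# All names and addresses below are constructed placeholders.
RG="example-rg"              # hypothetical resource group
NSG="example-subnet-nsg"     # hypothetical NSG on the target subnet or NIC
P2S_POOL="172.16.201.0/24"   # constructed P2S client address pool

# One entry per line: client VPN IP | destination it may reach | TCP port
ALLOW_LIST="172.16.201.2|10.1.0.4|3389
172.16.201.3|10.1.1.0/24|22"

# Print one `az network nsg rule create` command per allow entry, then a
# catch-all deny for the rest of the pool at a higher priority number
# (evaluated later), so unlisted clients do not fall through to any
# lower-priority allow rule.
build_rules() {
  prio=200
  n=1
  while IFS='|' read -r client dest port; do
    [ -n "$client" ] || continue
    echo "az network nsg rule create --resource-group $RG --nsg-name $NSG" \
      "--name Allow-P2S-$n --priority $prio --direction Inbound --access Allow" \
      "--protocol Tcp --source-address-prefixes $client" \
      "--destination-address-prefixes $dest --destination-port-ranges $port"
    prio=$((prio + 10))
    n=$((n + 1))
  done <<EOF
$ALLOW_LIST
EOF
  echo "az network nsg rule create --resource-group $RG --nsg-name $NSG" \
    "--name Deny-P2S-Pool --priority 4000 --direction Inbound --access Deny" \
    "--protocol '*' --source-address-prefixes $P2S_POOL" \
    "--destination-address-prefixes '*' --destination-port-ranges '*'"
}

# Dry run by default: call build_rules to review the commands.
# Set APPLY=1 (with a logged-in az session) to execute them.
if [ "${APPLY:-0}" = "1" ]; then
  build_rules | sh
fi
```

Run `build_rules` on its own first to review the generated commands before applying them.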