Channel: All ScreenOS Firewalls (NOT SRX) posts

Does InfrAuth have the same issue as WebAuth and UserAuth?


Hello all

 

We know that there is an issue when using WebAuth or UserAuth if you have multiple users connecting to a resource behind the firewall from the same source IP.  Scenarios where multiple users would have the same source IP would be when the users are connecting from a terminal or Citrix server or their IP addresses are being translated to one source address because of NAT.

 

If one user authenticates to the firewall using UserAuth or WebAuth, because the firewall is authenticating the user's source IP address, the other users connected to the terminal server, for example, could now pass traffic through the firewall without authenticating.


My question is: does UAC / Infrauth authentication have the same issue if you are only configuring authentication policies that are based on source IP and not using something on top of that, like endpoint posture assessment to check that the client PC has antivirus, firewall, etc.?

 

My thinking is that if user A and user B are connected to a Citrix server and user A authenticates against UAC and UAC pushes a policy to the firewall that says user A can pass traffic via policy IDs 1, 3 and 5, then because user B has the same source IP they can also pass traffic via policy IDs 1, 3 and 5 without having to authenticate.

 

Does anyone know for sure if this is the case?

Thanks


G
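The WebAuth/UserAuth behaviour described in the post above, as an added example that is not part of the original post and is not ScreenOS or UAC code: a simplified model of an auth table keyed only by source IP, plus a check that flags source IPs shared by several users (terminal servers, NAT addresses). The class, function names and sample sessions are constructed for illustration; the model says nothing about how UAC / Infranet auth actually behaves.

```python
from collections import defaultdict


class SourceIpAuthTable:
    """Simplified model (assumption): an auth entry is keyed by source IP only."""

    def __init__(self):
        self._entries = {}  # source IP -> user who authenticated

    def authenticate(self, user, src_ip):
        self._entries[src_ip] = user

    def permits(self, src_ip):
        # The lookup never sees a user name, only the packet's source IP.
        return src_ip in self._entries


def replay(sessions, authenticated_users):
    """Return (user, src_ip) pairs that pass without having authenticated."""
    table = SourceIpAuthTable()
    unauthenticated_pass = []
    for user, src_ip in sessions:
        if user in authenticated_users:
            table.authenticate(user, src_ip)
        elif table.permits(src_ip):
            unauthenticated_pass.append((user, src_ip))
    return unauthenticated_pass


def shared_source_ips(sessions):
    """Source IPs used by more than one user: unsafe for IP-keyed auth."""
    users_by_ip = defaultdict(set)
    for user, src_ip in sessions:
        users_by_ip[src_ip].add(user)
    return {ip: sorted(u) for ip, u in users_by_ip.items() if len(u) > 1}


# Constructed sample: userA and userB share a Citrix server address,
# userC has a dedicated workstation address.
SESSIONS = [
    ("userA", "10.1.1.50"),
    ("userB", "10.1.1.50"),
    ("userC", "10.1.2.77"),
]

if __name__ == "__main__":
    print(replay(SESSIONS, authenticated_users={"userA"}))
    print(shared_source_ips(SESSIONS))
```

Running `shared_source_ips` over a user-to-address mapping (for example, from terminal server logon records) gives the list of addresses that should not be covered by an authentication policy that relies on source IP alone.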

