VPN & Client behaviour customization
This is an enterprise feature. To use it, purchase our enterprise license or ensure that your deployment does not exceed the usage limits.
After purchasing the Enterprise License the Enterprise features tab will be activated, enabling the administrator to configure additional features:
Disable for users to manage their devices
When this option is enabled, only users in the Admin group can manage devices in user profile, for any other users adding/editing/removing their VPN devices is disabled.
Disable ability to configure other VPN clients then Defguard desktop client
If 'Disable users' ability to manually configure WireGuard client' option is enabled, then any user has only possibility to configure Defguard desktop client.
This option will not be available for users:
Disable All Traffic option in the desktop client
One of Defguard desktop client unique features is the possibility for the user to automatically route All network traffic from their device through the connected VPN Location, when the user checks All traffic option:
But there are scenarios that administrator would like that users have only access to the predefined traffic (meaning Allowed IPs in the Network VPN configuration) and the possibility to access all networks disabled.
When enabling this option, users will only have predefined traffic available in their desktop client and the all traffic option disabled.
Please note that this option is only client-side enforced, meaning the user may manually modify Wireguard interface to force all traffic to go through the VPN.
Was this helpful?