SSL Extender & SecureClient User Differentiation

[wandererz]

Does anyone have any experience with regards to separating users access depending on whether they login via SSL Extender or SecureClient?

i.e. When one creates a VPN user, he/she is able to login via SecureClient as well as SSL Extender & have whatever access is configured in their VPN rule.

I need to restrict the user if logging in via SSL Extender.
i.e Login via SecureClient & gain full access
but if logging in via SSL Extender then only gain access to specific
devices/services.

Anyone know how this can be configured.

Thanks

[Ronny_Geerkens]

I have asked Checkpoint the same question a few months ago. They told me the only way to do this (at this point) is to use scv checks. You can restrict access based on the scv check results.

[dan.dressler]

I presently have 100 users using secure remote and I just added a license for 25 users for the snx-ssl extender, but i am having difficulty getting a step by step instruction sheet from checkpoint for defining a seperate group for ssl extender users, and then the exact steps for enabling ssl extender for specific users --i don't want the secureremote users to be affected.--i am using ngx r62 checkpoint firewall running on windows 2k sp4 and i have found from within the smart dashboard how to enable or turn on ssl extender and also how to allow "office mode" for all users, but I haven't proceeded yet, because I don't know what the proper or best approach should be, and after spending time on the phone with checkpoint, they sent me a handwritten paragraph telling me to create a group and allocate ip addresses to that group, then turn on ssl extender. I need to know will this affect my current secure remote users and will I need to reboot the firewall. Im definately not seeing the big picture of how the ssl extender fits into my present vpn secure remote approach and what affects it will have on my present users. Any help from veterans out there would be greatly appreciated.
Thanks