Granular protocol restrictions

New user here, just kicking the tires on Twingate.

Scenario I can’t seem to address:

User A only needs RDP access to a resource - simple, restrict to TCP port 3389 on the resource settings.

Now, User B needs full access to the same resource (all ports) - here’s where I am stuck. I don’t see how to set this up.

Sorry if the documentation exists for this already, I couldn’t find anything.

In this case you would create two resources.

Same IP different ports and protocols as you describe.
Each user would be in a different group.

One group for each resource.

User A - Resource A:3389 - Group A
User B - Resource A:(All ports) - Group B

Does that make sense?

1 Like

Jason’s solution is the only way to do this today. Let us know if it works!

I’ll keep this request in mind for our future roadmaps as more granular controls for a specific Resource comes up now and again.