Setting An Ssl Vpn Rule Tutorial - ZyXEL Communications UAG Series Cli Reference Manual

Table 75 SSL VPN Commands
COMMAND
[no] eps periodical-check
<1..1440>
[no] network-extension {activate |
ip-pool address_object | 1st-dns
{address_object | ip } | 2nd-dns
{address_object | ip } | 1st-wins
{address_object | ip } | 2nd-wins
{address_object | ip } | network
address_object}
[no] network-extension traffic-
enforcement
[no] user user_name
sslvpn policy move <1..16> to <1..16>
sslvpn no connection username user_name Terminates the user's SSL VPN connection and deletes corresponding
no sslvpn policy profile_name
sslvpn policy rename profile_name
profile_name
show workspace application
show workspace cifs

20.2.2 Setting an SSL VPN Rule Tutorial

Here is an example SSL VPN configuration. The SSL VPN rule defines:
• Only users using the "tester" account can use the SSL VPN.
• The UAG will assign an IP address from 192.168.100.1 to 192.168.100.10 (defined in object "IP-
POOL") to the computers which match the rule's criteria.
• The UAG will assign two DNS server settings (172.16.1.1 and 172.16.1.2 defined in objects DNS1
and DNS2) to the computers which match the rule's criteria.
• The SSL VPN users are allowed to access the UAG's local network, 172.16.10.0/24 (defined in
object "Network1").
• Users have to access the SSL VPN using a computer that complies with all the following criteria
(defined in object "EPS-1"):
• Windows XP is installed.
• TrendMicro PC-Cillin Internet Security 2007 is installed and activated.
UAG CLI Reference Guide
DESCRIPTION
Sets the number of minutes to have the UAG repeat the endpoint security
check at a regular interval. The no command disables this setting.
Use this to configure for a VPN tunnel between the authenticated users and
the internal network. This allows the users to access the resources on the
network as if they were on the same local network.
ip-pool: specify the name of the pool of IP addresses to assign to the
user computers for the VPN connection.
Specify the names of the DNS or WINS servers to assign to the remote
users. This allows them to access devices on the local network using
domain names instead of IP addresses.
network: specify a network users can access.
Forces all SSL VPN client traffic to be sent through the SSL VPN tunnel. The
no command disables this setting.
Specifies the user or user group that can use the SSL VPN access policy.
Moves the specified SSL VPN access policy to the number that you
specified.
session information from the UAG.
Deletes the specified SSL VPN access policy.
Renames the specified SSL VPN access policy.
Displays the SSLVPN resources available to each user when logged into
SSLVPN.
Displays the shared folders available to each user when logged into
SSLVPN.
Chapter 20 SSL VPN
139