Configuring Basic Ssl Vpn Functions; Establishing The Configuration Task - Huawei AR1200 series Configuration Manual
Enterprise routers
Hide thumbs
Also See for AR1200 series:
- Configuration manual (342 pages) ,
- User configuration manual (232 pages) ,
- Hardware description (218 pages)
Table of Contents
Advertisement
Huawei AR1200 Series Enterprise Routers
Configuration Guide - VPN
l
SSL VPN Service
The AR1200 supports three service types as an SSL VPN gateway: Web proxy, port forwarding,
and IP forwarding.
l
l
l
SSL VPN License
The SSL VPN function is used with a license. To use the SSL VPN function, apply for and
purchase the following license from the Huawei local office:
l
7.3 Configuring Basic SSL VPN Functions
The configurations of basic SSL VPN functions include extranet/intranet interfaces and AAA
domain.
7.3.1 Establishing the Configuration Task
Before configuring basic SSL VPN functions, familiarize yourself with the applicable
environment, complete the pre-configuration tasks, and obtain the data required for the
configuration. This will help you complete the configuration task quickly and accurately.
Applicable Environment
The configurations of basic SSL VPN functions include extranet/intranet interfaces and AAA
domain.
To use an AR1200 as an SSL VPN gateway, you must configure and enable the basic SSL VPN
functions. If the basic SSL VPN functions are disabled, no user can access internal servers
through the SSL VPN gateway.
Issue 01 (2012-04-20)
Forcibly disconnecting users from virtual gateways
An administrator can disconnect a user by specifying the user's name or ID or disconnect
all users from a virtual gateway. The virtual gateway still stores information about the
disconnected users.
The Web proxy service is based on the HTTPS protocol. Users access the internal Web
server through the SSL VPN gateway. The SSL VPN gateway functions as a proxy that
forwards data between users and the internal Web server. This function helps ensure that
access to the internal Web server is secure.
The port forwarding function allows applications to access internal servers using TCP.
Users can access the TCP-based services on the internal network. The typical port
forwarding services include Telnet login, desktop sharing, and mailing.
The IP forwarding function allows remote terminals to communicate with internal servers
at the network layer. For example, the remote terminals are allowed to ping internal servers.
AR1200 Value-Added Security Package
NOTE
The maximum number of online SSL VPN users is limited by the license. The SSL VPN function has
multiple capacity licenses, which allow different numbers of access users. Select one or more capacity
licenses according to service requirements. The device supports a maximum of two online SSL VPN users
without a license.
Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
7 SSL VPN Configuration
366
Hide quick links:
Advertisement
Table of Contents
