Chapter 8 Virtual Private Networking Using Ssl Connections; Ssl Vpn Portal Options - NETGEAR UTM5 Reference Manual

Virtual Private Networking
8.
Using SSL Connections
The UTM provides a hardware-based SSL VPN solution designed specifically to provide remote
access for mobile users to their corporate resources, bypassing the need for a preinstalled VPN
client on their computers. Using the familiar Secure Sockets Layer (SSL) protocol, commonly
used for e-commerce transactions, the UTM can authenticate itself to an SSL-enabled client,
such as a standard web browser. Once the authentication and negotiation of encryption
information are completed, the server and client can establish an encrypted connection. With
support for up to 13 dedicated SSL VPN tunnels, the UTM allows users to easily access the
remote network for a customizable, secure, user portal experience from virtually any available
platform.
This chapter contains the following sections:
•

SSL VPN Portal Options

• Use the SSL VPN Wizard for Client Configurations
• Manually Configure and Edit SSL Connections
SSL VPN Portal Options
The UTM's SSL VPN portal can provide two levels of SSL service to the remote user:
• SSL VPN tunnel. The UTM can provide the full network connectivity of a VPN tunnel
using the remote user's browser instead of a traditional IPSec VPN client. The SSL
capability of the user's browser provides authentication and encryption, establishing a
secure connection to the UTM. Upon successful connection, an ActiveX-based SSL VPN
client is downloaded to the remote PC to allow the remote user to virtually join the
corporate network.
The SSL VPN client provides a point-to-point (PPP) connection between the client and
the UTM, and a virtual network interface is created on the user's PC. The UTM assigns
the PC an IP address and DNS server IP addresses, allowing the remote PC to access
network resources in the same manner as if it were connected directly to the corporate
network, subject to any policy restrictions that you configure.
319
8