NETGEAR ProSafe SSL312 Network Manual
Ssl vpn concentrator, vpn static route
Hide thumbs
Also See for ProSafe SSL312:
- Reference manual (112 pages) ,
- Troubleshooting manual (3 pages) ,
- Installation manual (2 pages)
Advertisement
SSL312
25.0.0.254
SSL312 Firmware version 2.0.03
FVX538 Firmware version 2.1.2-7
This article illustrates the Split Tunnel SSL VPN and how to configure a static route on both the
firewall and the SSL312 to allow the remote clients to access other PCs through the SSL VPN
tunnel.
Issue:
SSL VPN tunnel is established, but remote client cannot ping or access other devices on the
SSL312 VPN network.
Cause:
By default, the SSL VPN is configured to assign the remote VPN clients with IP addresses from
the range of 192.168.251.1 through 192.168.251.254. This range of IP address may not be in the
same subnet as your local network or as your SSL312.
Resolution:
1) Add a client route on the SSL312 to allow the VPN Tunnel client to connect to the
corporate network using the VPN tunnel.
2) Add a client route on the corporate network's firewall to forward traffic intended for the
VPN clients to the SSL VPN gateway
SSL312 VPN Static Route
Internet
FVX538
25.0.0.2
SSL VPN Tunnel
25.0.0.50
Remote
client
192.168.251.3
Advertisement
Table of Contents
Related Manuals for NETGEAR ProSafe SSL312
Summary of Contents for NETGEAR ProSafe SSL312
- Page 1 SSL312. Resolution: 1) Add a client route on the SSL312 to allow the VPN Tunnel client to connect to the corporate network using the VPN tunnel. 2) Add a client route on the corporate network's firewall to forward traffic intended for the...
- Page 2 This is the default IP address range that the SSL312 will be giving out to its remote VPN clients: NOTE: By default the SSL VPN tunnel is set to use Split Tunnel – this means that the SSL312 does not know how to route traffic to the rest of the network without a static route defined. Unless you have configured your SSL312 to be in the same subnet as the VPN Client range, you will need to add a static route on the SSL312 before you can access other devices on the network.
- Page 3 Furthermore, another static route is needed on the firewall or FVX538 to route external traffic to the SSL312. To do this, we are adding the SSL VPN client subnet and route that traffic through the IP address of the SSL312 itself.
- Page 4 Routing table BEFORE VPN tunnel Routing table AFTER VPN tunnel established New route added...
Need help?
Do you have a question about the ProSafe SSL312 and is the answer not in the manual?
Questions and answers