Planning For An Ssl Vpn - NETGEAR SRX5308 - ProSafe® Quad WAN Gigabit SSL VPN Firewall Reference Manual
Gigabit quad wan ssl vpn firewall
Hide thumbs
Also See for SRX5308 - ProSafe® Quad WAN Gigabit SSL VPN Firewall:
- Configuration manual (8 pages) ,
- Use manual (9 pages) ,
- Network setup manual (8 pages)
Table of Contents
Advertisement
ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308 Reference Manual
The SSL capability of the user's browser provides authentication and encryption, establishing
a secure connection to the VPN firewall. Upon successful connection, an ActiveX-based SSL
VPN client is downloaded to the remote PC to allow the remote user to virtually join the
corporate network.
The SSL VPN client provides a point-to-point (PPP) connection between the client and the
VPN firewall, and a virtual network interface is created on the user's PC. The VPN firewall
assigns the PC an IP address and DNS server IP addresses, allowing the remote PC to access
network resources in the same manner as if it were connected directly to the corporate
network, subject to any policy restrictions that you configure.
•
SSL port forwarding. Like an SSL VPN tunnel, port forwarding is a Web-based client that is
installed transparently and then creates a virtual, encrypted tunnel to the remote network.
However, port forwarding differs from an SSL VPN tunnel in several ways:
–
Port forwarding supports only TCP connections, not UDP connections or connections
using other IP protocols.
–
Port forwarding detects and reroutes individual data streams on the user's PC to the
port-forwarding connection rather than opening up a full tunnel to the corporate network.
–
Port forwarding offers more fine-grained management than an SSL VPN tunnel. You
define individual applications and resources that are available to remote users.
The SSL VPN portal can present the remote user with one or both of these SSL service levels,
depending on how you set up the configuration.
Planning for an SSL VPN
To set up and activate SSL VPN connections, perform these basic steps in this order:
1. Edit the existing SSL portal or create a new one (see
page
6-4).
When remote users log in to the VPN firewall, they see a portal page that you can customize to
present the resources and functions that you choose to make available.
2. Create authentication domains, user groups, and user accounts (see
Groups, and Users" on page
a. Create one or more authentication domains for authentication of SSL VPN users. When
remote users log in to the VPN firewall, they must specify a domain to which their login
account belongs.
6-2
6-7).
Virtual Private Networking Using SSL Connections
v1.0, April 2010
"Creating the Portal Layout" on
"Configuring Domains,
Advertisement
Table of Contents
Troubleshooting
