Figure 236 Network Access Mode: Full Tunnel Mode - ZyXEL Communications ZyWALL USG 300 User Manual

Chapter 22 SSL VPN
Full Tunnel Mode
In full tunnel mode, a virtual connection is created for remote users with private IP addresses
in the same subnet as the local network. This allows them to access network resources in the
same way as if they were part of the internal network.

Figure 236 Network Access Mode: Full Tunnel Mode

SSL Access Policy
An SSL access policy allows the ZyWALL to perform the following tasks:
• limit user access to specific applications or files on the network.
• allow user access to specific networks.
• assign private IP addresses and provide DNS/WINS server information to remote users to
access internal networks.
SSL Access Policy Objects
The SSL access policies reference the following objects. If you update this information, in
response to changes, the ZyWALL automatically propagates the changes through the SSL
policies that use the object(s). When you delete an SSL policy, the objects are not removed.
Table 125 Objects
OBJECT TYPE
User Accounts
Application
IP Pool
Server
Addresses
VPN Network
You cannot delete an object that is referenced by an SSL access policy. To delete the object,
you must first unassociate the object from the SSL access policy.
368
OBJECT
DESCRIPTION
SCREEN
User Account/ Configure a user account or user group to which you want to apply
User Group this SSL access policy.
SSL Configure an SSL application object to specify the application type
Application and server users are allowed to access.
Address Configure an address object that defines a range of private IP
addresses to assign to user computers so they can access the
internal network through a VPN connection.
Address Configure address objects for the IP addresses of the DNS and
WINS servers that the ZyWALL sends to the VPN connection
users.
Address Configure an address object to specify which network segment
users are allowed to access through a VPN connection.
ZyWALL USG 300 User's Guide