WatchGuard Technologies SSL VPN User Guide

Connecting from a Private Computer
sends its known local IP address to the server by means of a custom client-server protocol. For these 
applications, the Secure Access Client provides the local client application a private IP address 
representation, which the Firebox SSL VPN Gateway uses on the internal network. Many real-time voice 
applications and FTP use this feature.
 
Clients can access resources on the corporate network by connecting through the Firebox SSL VPN 
Gateway from their own computer or from a public computer.
ActiveX Helper
When the user connects to the Web Interface portion of the Firebox SSL VPN Gateway and logs on, 
net6helper.cab and an ActiveX control are installed. This file provides three main functions:
• It launches the client from the Web page, so the user does not have to manually download the 
executable and then launch the Secure Access Client.
• It performs pre-authentication checks for the Web page.
• It provides single sign-on. When the Secure Access Client is started from the Web page, the 
Secure Access Client does not prompt the user to log on again.
Using the Secure Access Client Window
To enable users to connect to and use the Firebox SSL VPN Gateway, you need to provide them with the 
following information: 
• Firebox SSL VPN Gateway Web address, such as https://AccessGatewayFQDN/. 
If a user needs access from a computer that is not running Windows 2000 or above or Linux, but is running a Java 
Virtual Machine (JVM) 1.5 or higher, the user can use the Java applet version of the kiosk. The Web address for 
connecting to the Java applet version of the kiosk is: https://AccessGateway/vpn_portal-javaonly.html 
• The authentication realm name required for logon (if you use realms other than the realm named 
Default). 
• Path to any network drives that the users can access, which is done by mapping a network drive on 
their computer. 
• Any system requirements for running the Secure Access Client if you configured end point resources 
and policies. 
Depending on the configuration of a remote user’s system, you might also need to provide additional 
information: 
• To start the Secure Access Client, Windows 2000 users must be a local administrator or a member of 
the Administrators group to install programs on their computer. This restriction applies to Windows 
XP for first-time installation only, not for upgrades. 
• If a user runs a firewall on the remote computer, the user might need to change the firewall settings so 
that it does not block traffic to or from the IP addresses corresponding to the resources for which you 
granted access. The Secure Access Client automatically handles Internet Connection Firewall in 
Windows XP and Windows Firewall in Windows XP Service Pack 2. For information about configuring a 
variety of popular firewalls, see “Using Firewalls with Firebox SSL VPN Gateway” on page 149.
• Users who want to send traffic to FTP over the Firebox SSL VPN Gateway connection must set their FTP 
application to perform passive transfers. A passive transfer means that the remote computer 
establishes the data connection to your FTP server, rather than your FTP server establishing the data 
connection to the remote computer. 
• Users who want to run X client applications across the connection must run an X server, such as 
XManager, on their computers. 
• Because users work with files and applications just as if they were local to the organization’s 
network, no retraining of users or configuration of applications is needed.
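
The passive-transfer requirement above can be checked on the FTP control channel. The following is an added example, not part of the WatchGuard guide: it classifies control-channel lines as active (PORT, where the client advertises its own local address and the server connects back) or passive (227 reply, where the client connects out), and decodes the embedded endpoint. The sample lines and function names are constructed for illustration.

```python
import re

# h1,h2,h3,h4,p1,p2 field used by both the PORT command and the 227 reply (RFC 959)
_HOSTPORT = re.compile(
    r"(?<!\d)(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})(?!\d)"
)


def parse_hostport(text):
    """Return (ip, port) from an h1,h2,h3,h4,p1,p2 field, or None if absent/invalid."""
    m = _HOSTPORT.search(text)
    if not m:
        return None
    nums = [int(n) for n in m.groups()]
    if any(n > 255 for n in nums):
        return None
    return ".".join(str(n) for n in nums[:4]), nums[4] * 256 + nums[5]


def classify(line):
    """Classify one FTP control-channel line.

    Returns (mode, opener, endpoint): opener is the side that initiates the
    data connection, endpoint is the (ip, port) it connects to.
    """
    line = line.strip()
    if line.upper().startswith("PORT "):
        # Active: client advertises its own address; server connects back to it.
        ep = parse_hostport(line[5:])
        return ("active", "server", ep) if ep else ("invalid", None, None)
    if line.startswith("227"):
        # Passive: server advertises a listener; client connects out to it.
        ep = parse_hostport(line[3:])
        return ("passive", "client", ep) if ep else ("invalid", None, None)
    return ("other", None, None)


# Constructed sample control-channel lines (not captured traffic).
SAMPLE = [
    "PORT 192,168,1,20,19,137",
    "227 Entering Passive Mode (10,0,5,8,195,80)",
    "PORT 192,168,1,300,1,1",
    "RETR report.txt",
]

if __name__ == "__main__":
    for sample_line in SAMPLE:
        print(f"{sample_line!r:50} -> {classify(sample_line)}")
```

A client that still emits PORT lines over the VPN connection has not been switched to passive transfers.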