Netgear FVS318N User Manual
Virtual Private Networking Using SSL Connections
268
ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N
Because you need to assign a group when creating an SSL VPN user account, the
user account is created after you have created the group.
user account is created after you have created the group.
3.
Create a list of servers and services that can be made available through user, group, or
global policies. You can also associate fully qualified domain names (FQDNs) with these
servers. The wireless VPN firewall resolves the names to the servers using the list you
have created.
global policies. You can also associate fully qualified domain names (FQDNs) with these
servers. The wireless VPN firewall resolves the names to the servers using the list you
have created.
4.
For SSL VPN tunnel service, configure the virtual network adapter (see
For the SSL VPN tunnel option, the wireless VPN firewall creates a virtual network
adapter on the remote computer that then functions as if it were on the local network.
Configure the portal’s SSL VPN client to define a pool of local IP addresses to be issued
to remote clients, as well as DNS addresses. Declare static routes or grant full access to
the local network, subject to additional policies.
adapter on the remote computer that then functions as if it were on the local network.
Configure the portal’s SSL VPN client to define a pool of local IP addresses to be issued
to remote clients, as well as DNS addresses. Declare static routes or grant full access to
the local network, subject to additional policies.
5.
To simplify policies, define network resource objects (see
Network resource objects are groups of IP addresses, IP address ranges, and services.
By defining resource objects, you can more quickly create and configure network policies.
By defining resource objects, you can more quickly create and configure network policies.
6.
Configure the SSL VPN policies (see
page 282).
Policies determine access to network resources and addresses for individual users,
groups, or everyone.
groups, or everyone.
Create the Portal Layout
The Portal Layouts screen that you can access from the SSL VPN configuration menu allows
you to create a custom screen that remote users see when they log in to the portal. Because
the log-in screen is customizable, it provides an ideal way to communicate remote access
instructions, support information, technical contact information, or VPN-related news updates
to remote users. The log-in screen is also well suited as a starting screen for restricted users;
if mobile users or business partners are permitted to access only a few resources, the log-in
screen that you create presents only the resources that are relevant to these users.
you to create a custom screen that remote users see when they log in to the portal. Because
the log-in screen is customizable, it provides an ideal way to communicate remote access
instructions, support information, technical contact information, or VPN-related news updates
to remote users. The log-in screen is also well suited as a starting screen for restricted users;
if mobile users or business partners are permitted to access only a few resources, the log-in
screen that you create presents only the resources that are relevant to these users.
You apply portal layouts by selecting one from the available portal layouts in the configuration
of a domain. When you have completed your portal layout, you can apply the portal layout to
one or more authentication domains (see
of a domain. When you have completed your portal layout, you can apply the portal layout to
one or more authentication domains (see
on page 296). You can also
make the new portal the default portal for the SSL VPN gateway by selecting the default radio
button next to the portal layout name.
button next to the portal layout name.
The wireless VPN firewall’s default portal address is https://<IP_address>/portal/SSL-VPN, in
which the IP address can be either an IPv4 or an IPv6 address. Both types of addresses are
supported simultaneously. The default domain geardomain is assigned to the default
SSL-VPN portal.
which the IP address can be either an IPv4 or an IPv6 address. Both types of addresses are
supported simultaneously. The default domain geardomain is assigned to the default
SSL-VPN portal.