Netgear FVS336G 参照ガイド
ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual
Virtual Private Networking Using SSL Connections
6-3
v1.0, October 2007
When you define the SSL VPN policies that determine network resource access for your SSL
VPN users, you can define global policies, group policies, or individual policies. Because you
must assign an authentication domain when creating a group, the group is created after you
have created the domain.
VPN users, you can define global policies, group policies, or individual policies. Because you
must assign an authentication domain when creating a group, the group is created after you
have created the domain.
4. Create one or more SSL VPN user accounts.
Because you must assign a group when creating a SSL VPN user account, the user account is
created after you have created the group.
created after you have created the group.
5. For port forwarding, declare the servers and services.
Create a list of servers and services that can be made available through user, group, or global
policies. You can also associate fully qualified domain names with these servers. The VPN
firewall will resolve the names to the servers using the list you have created.
policies. You can also associate fully qualified domain names with these servers. The VPN
firewall will resolve the names to the servers using the list you have created.
6. For VPN tunnel service, configure the virtual network adapter.
In the VPN tunnel option, the VPN firewall creates a virtual network adapter on the remote PC
that will function as if it were on the local network. Configure the portal’s SSL VPN Client to
define a pool of local IP addresses to be issued to remote clients, as well as DNS addresses.
Declare static routes or grant full access to the local network, subject to additional policies.
that will function as if it were on the local network. Configure the portal’s SSL VPN Client to
define a pool of local IP addresses to be issued to remote clients, as well as DNS addresses.
Declare static routes or grant full access to the local network, subject to additional policies.
7. For simplifying policies, define network resource objects.
Network resource objects are groups of IP addresses, IP address ranges, and services. By
defining resource objects, you can more quickly create and configure network policies.
defining resource objects, you can more quickly create and configure network policies.
8. Configure the policies.
Policies determine access to network resources and addresses for individual users, groups, or
everyone.
everyone.
Creating the Portal Layout
The SSL VPN Portal Layouts menu allows you to create a custom page that remote users will see
when they log into the portal. Because the page is completely customizable, it provides an ideal
way to communicate remote access instructions, support information, technical contact info, or
VPN-related news updates to remote users. The page is also well-suited as a starting page for
restricted users; if mobile users or business partners are only permitted to access a few resources,
the page you create will present only the resources relevant to these users.
when they log into the portal. Because the page is completely customizable, it provides an ideal
way to communicate remote access instructions, support information, technical contact info, or
VPN-related news updates to remote users. The page is also well-suited as a starting page for
restricted users; if mobile users or business partners are only permitted to access a few resources,
the page you create will present only the resources relevant to these users.