Netgear FVS318N 사용자 설명서
Virtual Private Networking Using SSL Connections
279
ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N
3.
In the Add Routes for VPN Tunnel Clients section of the screen, specify information in the
following fields:
following fields:
•
Destination Network. The destination network IPv4 or IPv6 address of a local
network or subnet. For example, for an IPv4 route, enter 192.168.4.20.
network or subnet. For example, for an IPv4 route, enter 192.168.4.20.
•
Subnet Mask / Prefix Length. For an IPv4 route, the address of the appropriate
subnet mask; for an IPv6 route, the prefix length.
subnet mask; for an IPv6 route, the prefix length.
4.
Click the Add table button. The new client route is added to the Configured Client Routes
table.
table.
If VPN tunnel clients are already connected, disconnect and then reconnect the clients on the
SSL VPN Connection Status screen (see
SSL VPN Connection Status screen (see
on page 292). Doing so allows the clients to receive new addresses and routes.
To change the specifications of an existing route and to delete an old route:
1.
Add a new route to the Configured Client Routes table.
2.
In the Configured Client Routes table, to the right of the route that is out-of-date, click the
Delete table button.
Delete table button.
If an existing route is no longer needed, you can delete it.
Use Network Resource Objects to Simplify Policies
•
•
Network resources are groups of IP addresses, IP address ranges, and services. By defining
resource objects, you can more quickly create and configure network policies. You do not
need to redefine the same set of IP addresses or address ranges when you configure the
same access policies for multiple users.
resource objects, you can more quickly create and configure network policies. You do not
need to redefine the same set of IP addresses or address ranges when you configure the
same access policies for multiple users.
Defining network resources is optional; smaller organizations can choose to create access
policies using individual IP addresses or IP networks rather than predefined network
resources. But for most organizations, NETGEAR recommends that you use network
resources. If your server or network configuration changes, you can perform an update
quickly by using network resources instead of individually updating all of the user and group
policies.
policies using individual IP addresses or IP networks rather than predefined network
resources. But for most organizations, NETGEAR recommends that you use network
resources. If your server or network configuration changes, you can perform an update
quickly by using network resources instead of individually updating all of the user and group
policies.
Add New Network Resources
The resource name and service are independent of the IP version. However, the resource
definition (see
definition (see
on page 280) is dependent on
the IP version because you can assign either an IPv4 or an IPv6 address or network.
To define a network resource:
1.
Select VPN > SSL VPN > Resources. The Resources screen displays. (The following
figure shows some resources in the List of Resources table as an example.)
figure shows some resources in the List of Resources table as an example.)