D-Link DWC-1000 사용자 설명서
Chapter 7. SSL VPN
The controller provides an intrinsic SSL VPN feature as an alternate to the standard
IPsec VPN. SSL VPN differs from IPsec VPN mainly by removing the requirement of a
pre-installed VPN client on the remote host. Instead, users can securely login through
the SSL User Portal using a standard web browser and receive access to configured
network resources within the corporate LAN. The controller supports multiple
concurrent sessions to allow remote users to access the LAN over an encrypted link
through a customizable user portal interface, and each SSL VPN user can be assigned
unique privileges and network resource access levels.
IPsec VPN. SSL VPN differs from IPsec VPN mainly by removing the requirement of a
pre-installed VPN client on the remote host. Instead, users can securely login through
the SSL User Portal using a standard web browser and receive access to configured
network resources within the corporate LAN. The controller supports multiple
concurrent sessions to allow remote users to access the LAN over an encrypted link
through a customizable user portal interface, and each SSL VPN user can be assigned
unique privileges and network resource access levels.
The remote user can be provided different options for SSL service through this
controller:
controller:
VPN Tunnel: The remote user‘s SSL enabled browser is used in place of a VPN
client on the remote host to establish a secure VPN tunnel. A SSL VPN client
(Active-X or Java based) is installed in the remote host to allow the client to join
the corporate LAN with pre-configured access/policy privileges. At this point a
virtual network interface is created on the user‘s host and this will be assigned an
IP address and DNS server address from the controller. Once established, the host
machine can access allocated network resources.
Port Forwarding: A web-based (ActiveX or Java) client is installed on the client
machine again. Note that Port Forwarding service only supports TCP connections
between the remote user and the controller. The controller administrator can define
specific services or applications that are available to remote port forwarding users
instead of access to the full LAN like the VPN tunnel.
ActiveX clients are used when the remote user accesses the portal using the Internet
Explorer browser. The Java client is used for other browsers like Mozilla Firefox,
Netscape Navigator, Google Chrome, and Apple Safari.
Explorer browser. The Java client is used for other browsers like Mozilla Firefox,
Netscape Navigator, Google Chrome, and Apple Safari.