Netgear FVS336Gv2 – ProSafe Dual WAN Gigabit Firewall with SSL & IPSec VPN 참조 매뉴얼
![Netgear](https://files.manualsbrain.com/attachments/cf1ad5de25a3f8d6c88ef0ab489c1b137eebe11f/common/fit/150/50/17742d1e0cdacf24edeb88c30757620088415c5f7699f69b4517262e21e0/brand_logo.jpeg)
Set Up Virtual Private Networking with SSL
Connections
473
ProSAFE Dual WAN Gigabit WAN SSL VPN Firewall FVS336Gv2
The Edit Resources screen displays the IPv6 settings.
9.
In the Defined Resource Addresses table, click the Delete button to the right of the resource
address configuration that you want to remove.
address configuration that you want to remove.
The resource address configuration is removed from the Defined Resource Addresses
table.
table.
Configure User, Group, and Global Policies
The following sections provide information about configuring user, group, and global policies
for SSL port forwarding:
for SSL port forwarding:
•
•
•
•
•
•
•
•
SSL Policies Overview
You can define and apply user, group, and global policies to predefined network resource
objects, IP addresses, address ranges, or all IP addresses, and to different SSL VPN
services (VPN tunnels and port forwarding configurations). A specific hierarchy is invoked
over which policies take precedence. The VPN firewall SSL policy hierarchy is as follows:
objects, IP addresses, address ranges, or all IP addresses, and to different SSL VPN
services (VPN tunnels and port forwarding configurations). A specific hierarchy is invoked
over which policies take precedence. The VPN firewall SSL policy hierarchy is as follows:
•
User policies take precedence over group policies.
•
Group policies take precedence over global policies.
•
If two or more user, group, or global policies are configured, the most specific policy takes
precedence.
precedence.
For example, a policy that is configured for a single IP address takes precedence over a
policy that is configured for a range of addresses. And a policy that applies to a range of IP
addresses takes precedence over a policy that applies to all IP addresses. If two or more IP
address ranges are configured, the smallest address range takes precedence. Host names
are treated the same as individual IP addresses.
policy that is configured for a range of addresses. And a policy that applies to a range of IP
addresses takes precedence over a policy that applies to all IP addresses. If two or more IP
address ranges are configured, the smallest address range takes precedence. Host names
are treated the same as individual IP addresses.
Network resources are prioritized just like other address ranges. However, the prioritization is
based on the individual address or address range, not the entire network resource.
based on the individual address or address range, not the entire network resource.
For example, assume the following global policy configuration:
•
Policy 1. A Deny rule blocks all services to the IP address range 10.0.0.0–10.0.0.255.
•
Policy 2. A Deny rule blocks FTP access to 10.0.1.2–10.0.1.10.