Netgear FVS318N Manual Do Utilizador
Virtual Private Networking Using SSL Connections
275
ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N
To add servers and host names for client name resolution:
1.
Select VPN > SSL VPN > Port Forwarding. The Port Forwarding screen displays (see
2.
In the Add New Host Name for Port Forwarding section of the screen, specify information in
the following fields:
the following fields:
•
Local Server IP Address. The IP address of an internal server or host computer that
you want to name.
you want to name.
•
Fully Qualified Domain Name. The full server name.
Note:
If the server or host computer that you want to name does not
display in the List of Configured Applications for Port Forwarding
table, you need to add it before you can rename it.
table, you need to add it before you can rename it.
3.
Click the Add table button. The new application entry is added to the List of Configured Host
Names for Port Forwarding table.
Names for Port Forwarding table.
To delete a name from the List of Configured Host Names for Port Forwarding table:
1.
Select the check box to the left of the name that you want to delete.
2.
Click the Delete table button in the Action column.
Configure the SSL VPN Client
•
•
The SSL VPN client on the wireless VPN firewall assigns IP addresses to remote VPN tunnel
clients. Because the VPN tunnel connection is a point-to-point connection, you can assign IP
addresses from the local subnet to the remote VPN tunnel clients.
clients. Because the VPN tunnel connection is a point-to-point connection, you can assign IP
addresses from the local subnet to the remote VPN tunnel clients.
The following are some additional considerations:
•
So that the virtual (PPP) interface address of a VPN tunnel client does not conflict with
addresses on the local network, configure an IP address range that does not directly
overlap with addresses on your local network. For example, if 192.168.1.1 through
192.168.1.100 are assigned to devices on the local network, then start the client address
range at 192.168.1.101, or choose an entirely different subnet altogether.
addresses on the local network, configure an IP address range that does not directly
overlap with addresses on your local network. For example, if 192.168.1.1 through
192.168.1.100 are assigned to devices on the local network, then start the client address
range at 192.168.1.101, or choose an entirely different subnet altogether.
•
The VPN tunnel client cannot contact a server on the local network if the VPN tunnel
client’s Ethernet interface shares the same IP address as the server or the wireless VPN
firewall. (For example, if your computer has a network interface IP address of 10.0.0.45,
then you cannot contact a server on the remote network that also has the IP address
10.0.0.45.)
client’s Ethernet interface shares the same IP address as the server or the wireless VPN
firewall. (For example, if your computer has a network interface IP address of 10.0.0.45,
then you cannot contact a server on the remote network that also has the IP address
10.0.0.45.)
•
Select whether you want to enable full-tunnel or split-tunnel support based on your
bandwidth:
bandwidth:
-
A full tunnel sends all of the client’s traffic across the VPN tunnel.