Netgear UTM9S – ProSECURE Unified Threat Management (UTM) Appliance with DSL and Wireless modules Manual De Referência
Virtual Private Networking Using SSL Connections
324
ProSecure Unified Threat Management (UTM) Appliance
Create a list of servers and services that can be made available through user, group, or
global policies. You can also associate fully qualified domain names (FQDNs) with these
servers. The UTM resolves the names to the servers using the list you have created.
global policies. You can also associate fully qualified domain names (FQDNs) with these
servers. The UTM resolves the names to the servers using the list you have created.
4.
For SSL VPN tunnel service, configure the virtual network adapter (see
For the SSL VPN tunnel option, the UTM creates a virtual network adapter on the remote
PC that then functions as if it were on the local network. Configure the portal’s SSL VPN
client to define a pool of local IP addresses to be issued to remote clients, as well as DNS
addresses. Declare static routes or grant full access to the local network, subject to
additional policies.
PC that then functions as if it were on the local network. Configure the portal’s SSL VPN
client to define a pool of local IP addresses to be issued to remote clients, as well as DNS
addresses. Declare static routes or grant full access to the local network, subject to
additional policies.
5.
To simplify policies, define network resource objects (see
Network resource objects are groups of IP addresses, IP address ranges, and services.
By defining resource objects, you can more quickly create and configure network policies.
By defining resource objects, you can more quickly create and configure network policies.
6.
Configure the SSL VPN policies (see
Policies determine access to network resources and addresses for individual users,
groups, or everyone.
groups, or everyone.
Create the Portal Layout
The Portal Layouts screen that you can access from the SSL VPN configuration menu allows
you to create a custom page that remote users see when they log in to the portal. Because
the page is completely customizable, it provides an ideal way to communicate remote access
instructions, support information, technical contact information, or VPN-related news updates
to remote users. The page is also well suited as a starting page for restricted users; if mobile
users or business partners are permitted to access only a few resources, the page that you
create presents only the resources that are relevant to these users.
you to create a custom page that remote users see when they log in to the portal. Because
the page is completely customizable, it provides an ideal way to communicate remote access
instructions, support information, technical contact information, or VPN-related news updates
to remote users. The page is also well suited as a starting page for restricted users; if mobile
users or business partners are permitted to access only a few resources, the page that you
create presents only the resources that are relevant to these users.
You apply portal layouts by selecting one from the available portal layouts in the configuration
of a domain. When you have completed your portal layout, you can apply the portal layout to
one or more authentication domains (see
of a domain. When you have completed your portal layout, you can apply the portal layout to
one or more authentication domains (see
on page 353). You can also
make the new portal the default portal for the SSL VPN gateway by selecting the default radio
button adjacent to the portal layout name.
button adjacent to the portal layout name.
Note:
The UTM’s default portal address is
https://<IP_Address>/portal/SSL-VPN. The default domain
geardomain is attached to the SSL-VPN portal.
geardomain is attached to the SSL-VPN portal.
You can define individual layouts for the SSL VPN portal. The layout configuration includes
the menu layout, theme, portal pages to display, and web cache control options. The default
portal layout is the SSL-VPN portal. You can add additional portal layouts. You can also make
the menu layout, theme, portal pages to display, and web cache control options. The default
portal layout is the SSL-VPN portal. You can add additional portal layouts. You can also make