Netgear UTM9S – ProSECURE Unified Threat Management (UTM) Appliance with DSL and Wireless modules Manual De Referência
Managing Users, Authentication, and VPN Certificates
359
ProSecure Unified Threat Management (UTM) Appliance
Configure Groups
The use of groups simplifies the configuration of VPN policies when different sets of users
have different restrictions and access controls. It also simplifies the configuration of web
access exception rules. Like the default domain of the UTM, the default group is also named
geardomain. The default group geardomain is assigned to the default domain geardomain.
You cannot delete the default domain geardomain, nor its associated default group
geardomain.
have different restrictions and access controls. It also simplifies the configuration of web
access exception rules. Like the default domain of the UTM, the default group is also named
geardomain. The default group geardomain is assigned to the default domain geardomain.
You cannot delete the default domain geardomain, nor its associated default group
geardomain.
When you create a new domain, for example, on the second SSL VPN Wizard screen (see
on page 310), a default group with the same
name as the new domain is created automatically. You cannot delete this default group
either. However, when you delete the domain with which it is associated, the default group is
deleted automatically.
either. However, when you delete the domain with which it is associated, the default group is
deleted automatically.
Note:
IPSec VPN users always belong to the default domain (geardomain)
and are not assigned to groups.
Note:
Groups that are defined on the Groups screen are used for setting
SSL VPN policies. These groups should not be confused with LAN
groups that are defined on the LAN Groups screen and that are
used to simplify firewall policies. For information about LAN groups,
see
groups that are defined on the LAN Groups screen and that are
used to simplify firewall policies. For information about LAN groups,
see
Create and Delete Groups
To create a VPN group:
1.
Select Users > Groups. The Groups screen displays. (The following figure shows the
UTM’s default group—geardomain—and, as an example, several other groups in the
List of Groups table.)
UTM’s default group—geardomain—and, as an example, several other groups in the
List of Groups table.)
The List of Groups table displays the VPN groups with the following fields:
•
Check box. Allows you to select the group in the table.
•
Name. The name of the group. If the group name is appended by an asterisk, the
group was created by default when you created the domain with the identical name
as the default group. You cannot delete a default group; you can delete only the
domain with the identical name, which causes the default group to be deleted.
as the default group. You cannot delete a default group; you can delete only the
domain with the identical name, which causes the default group to be deleted.
•
Domain. The name of the domain to which the group is assigned.
•
Action. The Edit table button, which provides access to the Edit Group screen.