Symantec 360R Administration Guide - Page 97

Establishing secure VPN connections 97 Configuring Client-to-Gateway VPN tunnels Understanding Client-to-Gateway VPN tunnels Symantec Gateway Security 300 Series supports Client-to-Gateway VPN tunnel configurations. A Client-to-Gateway configuration is created when a workstation, running Symantec Client VPN software, connects to the security gateway from either inside the protected network or from a remote location through the Internet. Note: Wireless clients can use client-to-gateway tunnels to secure their connections. See Symantec Gateway Security 300 Series Wireless Implementation Guide. Once a VPN tunnel is established, remote users can connect to and safely access the resources of the private network, through the Internet, as if the remote workstation was physically located inside the protected network (see Figure 62). Figure 6-2 Client-to-Gateway VPN tunnel configuration Symantec Client VPN (LAN) Symantec Client VPN (WAN) Internet Symantec Gateway Security 300 Series Symantec Client VPN (LAN) Symantec Client VPN (LAN) In this diagram, there is a client that establishes a tunnel remotely (WAN) and three internal clients establishing a tunnel internally (LAN). For each VPN group, you can define network settings to download to the client during Phase 1 configuration mode. The settings include the primary and secondary DNS servers, the WINS servers, and the primary domain controller. By pushing this information to the clients during configuration mode, each client will not have to configure that on his or her own, saving management time, and reducing the possibility of error.