Symantec 360R Administration Guide - Page 99

Establishing secure VPN connections 99 Configuring Client-to-Gateway VPN tunnels Table 6-9 Client-to-Gateway VPN tunnel configuration tasks Task SGMI Optionally, configure RADIUS authentication. VPN > Client Tunnels > Extended User Authentication VPN > Advanced > RADIUS Settings Optionally, configure Antivirus Policy Enforcement. VPN > Client Tunnels > Antivirus Policy Select the VPN policy that applies to the tunnel. VPN > Advanced > Global VPN Client Settings Defining client VPN tunnels This section describes how to define client VPN tunnels. Defining client VPN tunnels consists of the following tasks: ■ Enabling client tunnels for selected VPN groups for WAN connections and/ or LAN/WLAN connections ■ Configuring VPN network parameters that are pushed to the Client VPN during tunnel negotiations (optional) ■ Configuring RADIUS authentication (optional) ■ Configuring antivirus policy enforcement (optional) ■ Configuring content filtering (optional) If you enable content filtering for remote WAN-side VPN clients, you must have DNS servers on the local LAN. In Symantec Client VPN version 8.0, you can define two different tunnels: one for WAN which uses the domain name, and one for LAN, which uses the IP address. Then, put those tunnels in a gateway group. This way, when you create the tunnel, if the first tunnel fails (because the name cannot be resolved, for example) the IP address can be used to connect. See Symantec Client VPN User's Guide. To define client tunnels See "Client Tunnels tab field descriptions" on page 197. 1 In the SGMI, in the left pane, click VPN. 2 In the right pane, on the Client Tunnels tab, under Group Tunnel Definition, in the VPN Group drop-down list, select a VPN group. 3 To enable client VPNs for the chosen VPN Group on WAN or WLAN/LAN connections, click one or both of the following: