D-Link DFL-260E User Manual for DFL-260E - Page 472
Setup Example, Example 9.13. Setting Up an SSL VPN Interface
View all D-Link DFL-260E manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 472 highlights
9.6.4. Setup Example Chapter 9. VPN have been removed. To remedy this problem, the D-Link SSL VPN client software should be started by selecting it in the Windows Start menu and then stopped. 9.6.4. Setup Example Example 9.13. Setting Up an SSL VPN Interface This example shows how to set up a new SSL VPN interface called my_sslvpn. Assume that the physical interface If2 will be used to listen to client connections and this will have an external IP address already defined in the address book called sslvpn_server_ip. Connections will be made using SSL VPN to a server located on the network connected to the firewall's If3 Ethernet interface. Assume also that the IPv4 addresses that can be handed out to clients are defined in the address book object sslvpn_pool. This might contain the simple address range 10.0.0.2-10.0.0.9. Another address book IP object sslvpn_inner_ip might then be set as 10.0.0.1 and this is the inner IP of the NetDefendOS end of the tunnel. 1. Create an SSL VPN Object Command-Line Interface gw-world:/> add Interface SSLVPNInterface my_sslvpn InnerIP=sslvpn_inner_ip IPAddressPool=sslvpn_pool OuterInterface=If2 ServerIP=sslvpn_server_ip ProxyARPInterfaces=If3 Note: If multiple Proxy ARP interfaces are needed, they are specified as a comma separated list. For example: If3,If4,If5. Web Interface 1. Go to: Interfaces > SSL VPN Interface > Add > SSL VPN Interface 2. Now enter: • Specify a suitable name, for example my_sslvpn_if • Inner IP: sslvpn_inner_ip • Outer Interface: If2 • Server IP: sslvpn_server_ip • IP Pool: sslvpn_pool 3. Click the tab Add Route 4. Select the If3 interface in the Available list and press the ">>" button to move it into the Selected list 5. Click OK 2. Create an Authentication Rule Command-Line Interface gw-world:/> add UserAuthRule SSLVPNInterface ssl_login AuthSource=Local Interface=my_sslvpn_if OriginatorIP=all-nets LocalUserDB=lannet_auth_users Agent=SSL TerminatorIP=sslvpn_server_ip Name=ssl_login 472