D-Link DWC-1000 User Manual - Page 243
SSL VPN
View all D-Link DWC-1000 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 243 highlights
Chapter 9. SSL VPN Th e fo llo win g feat u re is av ailab le u p o n licen s ed act iv at io n o f VPN / Firewall feat u res fo r t h e s y s t em. Th e co n t ro ller p ro vid es an in t rin sic SSL VPN feat u re as an alt ernate t o t he s tandard IPs ec VPN. SSL VPN d iffers fro m IPs ec VPN main ly b y remo v in g t h e req u iremen t o f a p re -in s t alled VPN clien t o n t h e remo t e h o st . In stead , u sers can s ecurely lo g in t hro ugh t he SSL Us er Po rt al u s in g a s tandard web browser and receive access to configured network res ources within the corporate LA N. Th e co n t ro ller s u pp orts mu lt ip le co n current s essio ns t o allo w remo t e u s ers t o acces s t h e LA N o v er an en cry p t ed lin k t h ro u g h a cu s t o mizab le u s er p o rt al i n t erface, an d each SSL VPN us er can be as s igned unique privileges and network res ource acces s levels . Th e remo t e u s er can b e p ro v id ed d ifferen t o p t io n s fo r SSL s erv ice t h ro u g h t h is co n t ro ller: VPN Tunnel : Th e remo t e u s er‟s SSL en ab led b ro ws er is u s ed in p lace o f a VPN clien t o n t h e remo t e h o s t t o es t ab lis h a s ecu re VPN t u n n el. A SSL VPN clien t (A ct iv e -X o r Jav a b as ed ) is in s t alled in t h e remo t e h o st t o allo w t h e clien t t o jo in t h e co rp o rat e LA N wit h p re -co n fig u red acces s/policy privileges. A t this point a virtual network interface is created on the us er‟s hos t and this will be as s igned an IP addres s and DNS s erver addres s from the controller. Once es t ab lis h ed , t h e h o s t mach in e can acces s allo cat ed n et wo rk res o u rces . Port Forwardi ng : A web -b as ed (A ct iv eX o r Jav a) clien t is in s t alled o n t h e clien t mach in e ag ain . No t e t h at Po rt Fo rward in g s ervice o n ly s u p p o rt s TCP co n n ect io n s b et ween t h e remo t e u s er an d t h e co n tro ller. Th e co ntro ller ad min is t rat or can d efin e s pecific s erv ices o r ap p lications t h at are av ailab le t o remo t e p o rt fo rward in g u s ers in s t ead o f acces s t o t h e fu ll LA N like t h e VPN t u n n el. A ct iv eX clien t s are u s ed wh en t h e remo t e u ser accesses t h e p o rt al u s ing t he In t ern et Exp lo rer b ro ws er. Th e Jav a clien t is u s ed fo r o t h er b ro ws ers like M o zilla Firefo x, Net s cap e Nav ig at o r, Go o g le Ch ro me, an d A p p le Safari.