Home » Netgear Manuals » Networking » Netgear SSL312 » Manual Viewer

Netgear SSL312 SSL312 User Manual - Page 20

Routing, Disable Ethernet Port 2. - prosafe performance

UPC - 606449046441

Add to My Manuals
Save this manual to your list of manuals

Page 20 highlights

NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manual services are decrypted by the SSL VPN Concentrator and relayed to the appropriate corporate network servers. . Firewall/Router IP Address 192.168.1.254 Corporate Server IP Address 192.168.1.3 LAN Subnet 192.168.1.0/24 SSL312 IP Address 192.168.1.1 Figure 2-1 Single arm mode has the advantage of being protected by your firewall. In later steps, you will use the following settings when configuring for single arm operation. • Assign Ethernet Port 1 an IP address on your local network. • Disable Ethernet Port 2. • Disable Routing Mode. • Define a default route to the firewall. • If your firewall performs NAT, you must configure the firewall to forward incoming HTTPS traffic to the IP address of Ethernet Port 1. Note: NETGEAR recommends single arm operation for most networks. Routing In the routing, or two port, topology, the SSL VPN Concentrator is connected in parallel with your existing firewall. Ethernet Port 1 is connected to the untrusted side of your firewall, while Ethernet Port 2 connects to your corporate network. 2-2 Installing the SSL312 v2.1, November 2008

Section	Page
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manual	1
Contents	5
About This Manual	9
Conventions, Formats and Scope	9
Using This Manual	10
Printing this Manual	10
Revision History	12
Chapter 1 Introduction	13
About the ProSafe SSL VPN Concentrator 25	13
Key Features	13
Web Browser Requirements	14
What’s in the Box	15
Hardware Description	15
Front Panel	16
Back Panel	17
Steps for Deploying the SSL312	17
Chapter 2 Installing the SSL312	19
Choosing a Network Topology	19
Single Arm	19
Routing	20
Initial Connection to the SSL VPN Concentrator	21
Accessing the Management Interface	22
Configuring Basic Network Settings	24
Installing the SSL VPN Concentrator	26
Managing Certificates	26
Obtaining a Certificate from a Certificate Authority	27
Generating a Self-Signed Certificate	29
Uploading and Enabling the New Certificate	30
Viewing and Deleting Certificates	32
Steps for Further Configuration	33
Chapter 3 Authenticating Users	35
Authentication Domains	35
Local User Database Authentication	36
RADIUS and NT Domain Authentication	37
Configuring for RADIUS Domain Authentication	38
Configuring for NT Domain Authentication	39
LDAP Authentication	41
Sample LDAP Attributes	41
LDAP Attribute Rules	42
Sample LDAP Users and Attributes Settings	42
Querying an LDAP Server	43
Configuring for LDAP Authentication	43
Kerberos Authentication (Active Directory)	45
Troubleshooting Active Directory Authentication	46
Deleting a Domain	46
Chapter 4 Setting Up User and Group Access Policies	47
Determine Your Requirements	47
Users, Groups and Global Policies	48
Global Policies	49
Editing Global Policy Settings	50
Adding and Editing Global Policies	52
Defining and Editing Global Bookmarks	53
Groups Configuration	54
Adding a New Group	54
Editing Group Settings	55
Defining and Editing Group Policies	57
Defining and Editing Group Bookmarks	58
Deleting a Group	59
Users Configuration	60
Adding a New User	61
Editing a User	63
Defining and Editing User Policies	66
Defining and Editing a User Bookmarks	67
Deleting a User	68
Using Network Resource Objects to Simplify Policies	68
Chapter 5 Configuring the Remote Access Web Portal	73
Creating the Portal	73
Portal Options	74
Adding Portal Layouts	75
Adding Terminal Services Applications to the Portal	78
Customizing the Banner	79
Duplicating and Editing Portal Layouts	80
Preparing the Client for Using Portal Services	81
Terminal Services Client Compatibility	81
Microsoft Windows Terminal Services (Remote Desktop Connection)	81
Microsoft Remote Desktop Services Client for the Macintosh	82
Creating a User Guide for Portal Services	82
Chapter 6 Configuring the SSL VPN Tunnel Client and Port Forwarding	83
Two Approaches for VPN	83
SSL VPN Client Configuration	84
Adding IP Address Ranges	85
Adding Routes for VPN Tunnel Clients	86
Configuring Applications for Port Forwarding	88
Configuring Host Name Resolution	90
Chapter 7 Additional System Configuration	91
Configuring Network Settings	91
Sample SSL VPN Concentrator Configuration	91
Network Interface and Default Gateway Configuration	92
Static Route Configuration	94
Network Host Table Settings	96
Configuring DNS Settings	97
Setting Date and Time	99
System Configuration Utilities	100
Encrypting the Configuration File	101
Exporting and Saving a Backup Configuration File	101
Importing a Configuration File	102
Erasing the Configuration and Restoring the Default Settings	103
Upgrading the SSL VPN Concentrator Firmware	103
Additional Notes on the Management Interface	104
Chapter 8 Monitoring and Logging	105
SSL VPN Concentrator Status	105
Active Users	107
Event Log	108
Log Settings	109
Diagnostics	113
Appendix A Default Settings and Technical Specifications	115
Factory Default Settings	115
Technical Specifications	116
Appendix B Related Documents	117