NETGEAR SSL312 инструкция обслуживания
- Просмотреть online или скачать инструкцию
- 112 страниц
- 2.38 mb
Идти на страницу of
Похожие руководства по эксплуатации
-
Network Router
NETGEAR MBR624GU
106 страниц 2.11 mb -
Network Router
NETGEAR TA612V
2 страниц 0.11 mb -
Network Router
NETGEAR (LG2200D)
135 страниц 3.46 mb -
Network Router
NETGEAR R6300v2
135 страниц 6.97 mb -
Network Router
NETGEAR XEPS103XEPS103
2 страниц 0.12 mb -
Network Router
NETGEAR KWGR614
14 страниц 0.1 mb -
Network Router
NETGEAR JNR1010V2
91 страниц 3.54 mb -
Network Router
NETGEAR ReadyNAS 104
241 страниц 5.45 mb
Хорошее руководство по эксплуатации
Законодательство обязывает продавца передать покупателю, вместе с товаром, руководство по эксплуатации NETGEAR SSL312. Отсутствие инструкции либо неправильная информация, переданная потребителю, составляют основание для рекламации в связи с несоответствием устройства с договором. В законодательстве допускается предоставлении руководства в другой, чем бумажная форме, что, в последнее время, часто используется, предоставляя графическую или электронную форму инструкции NETGEAR SSL312 или обучающее видео для пользователей. Условием остается четкая и понятная форма.
Что такое руководство?
Слово происходит от латинского "instructio", тоесть привести в порядок. Следовательно в инструкции NETGEAR SSL312 можно найти описание этапов поведения. Цель инструкции заключается в облегчении запуска, использования оборудования либо выполнения определенной деятельности. Инструкция является набором информации о предмете/услуге, подсказкой.
К сожалению немного пользователей находит время для чтения инструкций NETGEAR SSL312, и хорошая инструкция позволяет не только узнать ряд дополнительных функций приобретенного устройства, но и позволяет избежать возникновения большинства поломок.
Из чего должно состоять идеальное руководство по эксплуатации?
Прежде всего в инструкции NETGEAR SSL312 должна находится:
- информация относительно технических данных устройства NETGEAR SSL312
- название производителя и год производства оборудования NETGEAR SSL312
- правила обслуживания, настройки и ухода за оборудованием NETGEAR SSL312
- знаки безопасности и сертификаты, подтверждающие соответствие стандартам
Почему мы не читаем инструкций?
Как правило из-за нехватки времени и уверенности в отдельных функциональностях приобретенных устройств. К сожалению само подсоединение и запуск NETGEAR SSL312 это слишком мало. Инструкция заключает ряд отдельных указаний, касающихся функциональности, принципов безопасности, способов ухода (даже то, какие средства стоит использовать), возможных поломок NETGEAR SSL312 и способов решения проблем, возникающих во время использования. И наконец то, в инструкции можно найти адресные данные сайта NETGEAR, в случае отсутствия эффективности предлагаемых решений. Сейчас очень большой популярностью пользуются инструкции в форме интересных анимаций или видео материалов, которое лучше, чем брошюра воспринимаются пользователем. Такой вид инструкции позволяет пользователю просмотреть весь фильм, не пропуская спецификацию и сложные технические описания NETGEAR SSL312, как это часто бывает в случае бумажной версии.
Почему стоит читать инструкции?
Прежде всего здесь мы найдем ответы касательно конструкции, возможностей устройства NETGEAR SSL312, использования отдельных аксессуаров и ряд информации, позволяющей вполне использовать все функции и упрощения.
После удачной покупки оборудования/устройства стоит посвятить несколько минут для ознакомления с каждой частью инструкции NETGEAR SSL312. Сейчас их старательно готовят или переводят, чтобы они были не только понятными для пользователя, но и чтобы выполняли свою основную информационно-поддерживающую функцию.
Содержание руководства
-
Страница 1
202-10208-01 August 2006 NETGEAR , Inc. 4500 Great America Parkway Santa Clara, CA 95054 USA NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manual[...]
-
Страница 2
ii v1.0, August 2006 T echnical Support Please register to obtain technical support. Please retain your proof of purchase and warranty information. T o register your product, get product support or obtai n product information and product documentation, go to http://www .NETGEAR.com . If you do not have access to the W orld W ide W eb, you may regis[...]
-
Страница 3
v1.0, August 2006 iii RF Exposure W arning for North America, and Australia Wa r n i n g ! T o ensure compliance with FCC RF exp osure requirements , the antenna used for this devic e must be installed to provide a separation dist anc e of at least 20 cm (8 in) from all persons and must not be co-located or operating in conjunction with any other a[...]
-
Страница 4
v1.0, Augus t 2006 iv[...]
-
Страница 5
v v1.0, August 2006 Content s About This Manual Conventions, Formats and Scope ................ ................... ................... .................... .......... ix How to Use This Manual ................. ................... ................... ................. ................... ........ x How to Print this Manual ..... ..................[...]
-
Страница 6
vi v1.0, August 2006 Importing a Configuration File ......... ................ .................... ................ ................... .. 4-3 Erasing and Restoring the Default Settings .................... ....................... .................. 4-4 Upgrading the SSL VPN Concentrator Firmwar e ......... ....... ...... ....... ... ...... ......[...]
-
Страница 7
vii v1.0, August 2006 LDAP Attribute Rules ............ ................. ................... ................... .................... ...... 6-21 Sample LDAP Users and Attributes Settings ............ ... ... .... ... ................ ... ... .... ... ... 6-21 Querying an LDAP Server .. .................... ................... ................... [...]
-
Страница 8
viii v1.0, August 2006 Appendix B Related Document s Index[...]
-
Страница 9
ix v1.0, August 2006 About This Manual The NETGEAR ® Pr osafe™ SSL VPN Concentrator 25 S SL312 Refer ence Manual describes how to install, configure and troubl eshoot the ProSafe SSL VPN Concentrator 25. The information in this manual is intended for readers with intermediate computer and Internet skills. Conventions, Format s and Scope The conv[...]
-
Страница 10
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l x v1.0, August 2006 • Scope. This manual is written for the S SL VP N Concentrator according to these specifications: For more information about networ k, Internet, firewall, and VPN technologies, see the links to the NETGEAR website in Appendix B, “Related Documents” . How to U[...]
-
Страница 11
NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual xi v1.0, August 2006 Each page in the HTML version of the manu al is dedicated to a major topic. Use the Print button on the brows er toolbar to print the page contents. • Printing a Chapter . Use the PDF of This Chapter link at the top left of any page. – Click the PDF of This [...]
-
Страница 12
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l xii v1.0, August 2006[...]
-
Страница 13
1-1 v1.0, August 2006 Chapter 1 Introduction This chapter describes some of the key features of the NETGEAR ® ProSafe™ SSL VPN Concentrator 25 SSL312. It also includes th e minimum prerequisites for installation and ( “W eb Browser Requirements” on page 1-2 .), package co ntents ( “Wh at’ s in the Box” on page 1-3 ), and a description [...]
-
Страница 14
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 1-2 Introduction v1.0, August 2006 • Connects to the SSL VPN Concentrator throug h a number of popular browsers, such as Microsoft Internet Exp l orer or Apple Safari. • Supports 25 concurrent sessions. • Provides granul ar access to corporate resources based upon user type or g[...]
-
Страница 15
NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Introduction 1-3 v1.0, August 2006 T o configure the NETGEAR ProSafe SSL VPN Conc entrator 25, an administrator must use an Internet Explorer 6.5.1 or higher , Apple Safari 1.2 or higher , or Mozilla l.x web browser with JavaScript , cookies , and SSL-enabled . What’ s in the Box [...]
-
Страница 16
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 1-4 Introduction v1.0, August 2006 1. LED Power Indicator: • Of f – No power • On – Power is on. 2. LED Self test Indicator . • Self test – on while initializing. (~2 minutes) • Loading Software – bli nking while uploading software • System fault – on ( prolonged) [...]
-
Страница 17
2-1 v1.0, August 2006 Chapter 2 Basic Inst allation and Configuration The initial administrative setup of the ProSafe SSL VPN Concentrator 25 must be performed using an Internet Explorer Browser 6.5.1 or higher , Appl e Safari 1.2 or higher , or Mozilla 1.x. End Users can use IE 6.5.1 or high er or Apple Safari 1.2 or higher . The browsers shou ld [...]
-
Страница 18
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 2-2 Basic Installation and Configuration v1.0, August 2006 Configuring the ProSafe SSL VPN Concentrator 25 After the ProSafe SSL VPN Concentrator 25 software has been installed and the Static IP address configured, you may log into the SSL VPN Concen trator web management interface fr[...]
-
Страница 19
NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Basic Installation and Configura tion 2-3 v1.0, August 2006 5. Click Login to log in the SSL VPN Concentrator Management Interface. Once you have logged in, the fol lowing St a t u s screen will display . The navigation links under System Configuration, Access Administrati on, Monit[...]
-
Страница 20
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 2-4 Basic Installation and Configuration v1.0, August 2006 •T h e Launch Portal option under SSL VPN Portal in the navigation menu opens an SSL VPN portal window for users. • In addition to the online help provided wi th each menu, you can access W eb Support by clicking the Knowl[...]
-
Страница 21
NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Basic Installation and Configura tion 2-5 v1.0, August 2006 VPN Concentrator 25” . (Complete installation instru ctions can be found in the Pr oSafe SSL VPN Concentrator 25 Installation Guide or “Installing the SSL VPN Concentrator ” on page 2-1 .) T o log in to the SSL VPN Co[...]
-
Страница 22
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 2-6 Basic Installation and Configuration v1.0, August 2006[...]
-
Страница 23
3-1 v1.0, August 2006 Chapter 3 S t atus and Logging This chapter provides an overview of the SSL VPN Concentrator admini strative interface and describes the SSL VPN Concentrator status informa tion, logging, alerting and reporting features. These settings may be viewed in the S tatus and Logs section of the SSL VPN Concentrator administrator inte[...]
-
Страница 24
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 3-2 Status and Logging v1.0, August 2006 The St a t u s window shows important state and config ur ation information. Be sure to check the St a t u s window for error messages and confirm th at SSL VPN Concentrator is configured properly . From the St a t u s p ag e, you may view: •[...]
-
Страница 25
NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Status and Logging 3-3 v1.0, August 2006 Event Log The SSL VPN Concentrator provides web based loggin g. It also provides the ability to send log messages to an external syslog serv er using the syslog protocol and to E-mail log files and alert messages to an E-mail address or pager[...]
-
Страница 26
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 3-4 Status and Logging v1.0, August 2006 • User name . The User name field shows the authenticated name of the user or administrator that generated the log event. • Log message . The message field describes the event th at occurred. Examples of log message s include “ Administra[...]
-
Страница 27
NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Status and Logging 3-5 v1.0, August 2006 By default, 50 messages are displayed per page. If more than 50 events have been logged, then a Page number menu will be displayed at the top of the event log table. Select the desired page number from the Page menu to see archived log messag[...]
-
Страница 28
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 3-6 Status and Logging v1.0, August 2006 Log Settings The SSL VPN Concentrator supports web-based logging, syslog logging and e-mail alert messages. In addition, the SSL VPN Co ncentrator may be configured to e-mail the event log file to the SSL VPN Concentrator administrator before t[...]
-
Страница 29
NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Status and Logging 3-7 v1.0, August 2006 2. In the SysLog Settings section, enter the IP address or full y qualified domain name of your syslog server in the Primary Syslog Server field. Leave this field blan k if you do not require syslog logging. 3. If you have a backup o r second[...]
-
Страница 30
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 3-8 Status and Logging v1.0, August 2006 • Alerts: Error 6. Click Apply to confirm your settings.[...]
-
Страница 31
4-1 v1.0, August 2006 Chapter 4 General Settings This chapter provides instructions for saving and restoring the co nfiguration file, upgrading th e firmware and for managing SSL certificate f iles. It also covers restarting the SSL VPN Concentrator and configuring the time and date settings. Sections include: • Exporting and Saving a Backup Conf[...]
-
Страница 32
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 4-2 General Settings v1.0, August 2006 Encrypting the Configuration File For security purposes, you can encrypt the configura tion files. However , if the configuration files are encrypted, they cannot be edited or reviewed for troubleshooting purposes. T o encrypt the configuration f[...]
-
Страница 33
NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual General Settings 4-3 v1.0, August 2006 3. Choose the location to save the conf iguration file. The file is na med “conf.zip” by default, bu t it can be renamed. 4. Click Save to save the configuration file. Importing a Configuration File T o import a saved confi guration file: 1[...]
-
Страница 34
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 4-4 General Settings v1.0, August 2006 Erasing and Restoring the Default Settings T o erase your SSL VPN Concentrator configuratio n set tings and restore the initial configuration: 1. Click Erase . 2. A dialog box will prompt you to confirm the change. Click OK to restore the initial[...]
-
Страница 35
NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual General Settings 4-5 v1.0, August 2006 2. Click Br owse to locate the sa ved firmware file, ssl312-X.X .X.tar.gz , where X.X.X indicates the release version. 3. Select the file and then click Upload . 4. Once the file has been uploaded, restart the SSL VPN Concentrator server for th[...]
-
Страница 36
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 4-6 General Settings v1.0, August 2006 2. Select your time zone from the Select Y our T ime Zone drop-down menu. 3. Select either the Use Network Time Pr otocol (NTP) radio box or the Set date and time manually radio box. If you selecte d the manual option, enter th e desired time (in[...]
-
Страница 37
NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual General Settings 4-7 v1.0, August 2006 If you enabled NTP , then the N TP time settings will overr ide the manually configured time settings. The NTP time settings will be determined by the NTP serv er and the time zone that is selected in the Select Y our Time Zone menu. Certificat[...]
-
Страница 38
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 4-8 General Settings v1.0, August 2006 3. Fill out all of the fields with the appropriate information. 4. Check the Generate a Self-signed Certificate radio box to genera te a new CR T . If all information is entered correctly , a crt.zi p file will be creat ed. This file includes a s[...]
-
Страница 39
NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual General Settings 4-9 v1.0, August 2006 and a certificate key file named “ serv er.key ”. If the zipped file does not contain these two files, the zipped file will not be uploaded 8. Click Upload to save the file to the Cert Description table. Once the certificate has been upload[...]
-
Страница 40
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 4-10 General Settings v1.0, August 2006 2. Click Enable . The SSL VPN Concentrator software will restart using the new certificate. In order to obtain a valid certificate from a widely accepted Certificate Auth ority such as V erisign or Thawte, you must generate a Certific ate Signin[...]
-
Страница 41
NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual General Settings 4-11 v1.0, August 2006 Y ou may also delete an expired or incorrect certificate. Delete the certificate by clicking Delete . Figure 4-1 1 Note: The Delete button will not be displayed if the SSL certificate is acti ve. T o delete a certificate, uplo ad and activate [...]
-
Страница 42
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 4-12 General Settings v1.0, August 2006[...]
-
Страница 43
5-1 v1.0, August 2006 Chapter 5 Network Settings This chapter describes how to configure network and IP settings. These settings should be configured by a network administrator . The Network settings to be configured include: • Configuring Network Settings • Network Interface Configuration • Network Route Configuration • Network Host T able[...]
-
Страница 44
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 5-2 Network Settings v1.0, August 2006 • Interface Ethernet Port 1 subnet mask: 255.255.255.0 (subnet: 19 2.168.1.0/24 ) • Default gateway address (F ir ewall/Router address): 192.168.1.2 In this configuration, the IP addresses of devices in the local network should be configured [...]
-
Страница 45
NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Network Settings 5-3 v1.0, August 2006 2. Enter the Ethernet Port 1 subnet mask that has been configured for your network. The subnet mask value should be the same value as th e subnet mask configured on your network computers. The factory default is 255.2 55.25 5.0 (The subnet mask[...]
-
Страница 46
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 5-4 Network Settings v1.0, August 2006 6. Click Apply to save your settings. If the interface is configured to terminate SSL VPN connections, then restart the SSL VPN Concentrator software for the change to take effect. T o complete the IP settings configuration, al so configure SSL V[...]
-
Страница 47
NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Network Settings 5-5 v1.0, August 2006 T o configure a static route: 1. In the Add S tatic Routes section, enter the destination networ k address of the static route in the Destination Network field. The destination netw ork addres s is an IP address in the remote network subnet. 2.[...]
-
Страница 48
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 5-6 Network Settings v1.0, August 2006 3. Enter the IP address of your router in the Gateway Address field. The gate way address should be in the same subnet as the et hernet-1 or ethernet-2 interface. For example, if the ethernet -1 interface address is “ 10.0.0.100 ” and the sub[...]
-
Страница 49
NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Network Settings 5-7 v1.0, August 2006 Once the new Host has been added, th e Host will be displayed in the Host T able. The Host Ta b l e displays a list of the configured ho st names and the corresponding IP addresses Configuring DNS Settings The DNS Settings window allows the Pro[...]
-
Страница 50
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 5-8 Network Settings v1.0, August 2006 2. Enter the Hostname for the ProSafe SSL VPN Concentrator 25 device. The hostn a me is used to identify the SSL VPN Concentrator devi ce on the network. Use only letters and numbers for the hostname; do not enter non-ASCII charac ters such as sp[...]
-
Страница 51
6-1 v1.0, August 2006 Chapter 6 Group and User Access Policies This chapter describes how to define user s and groups and how to configure SSL VPN Concentrator access policies and bookmarks for the users and groups. This chapte r includes the following topics: • Editing Global Policy Settings • Adding and Editing Global Policies • Defining an[...]
-
Страница 52
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 6-2 Group and User Access Policies v1.0, August 2006 3. If two or more user , group or global policies are co nfigured, the most specific policy ta kes precedence . For example, a policy configured for a single IP address ta kes precedence over a policy c onfigured for a range of addr[...]
-
Страница 53
NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Group and User Access Policies 6-3 v1.0, August 2006 Global Policies Y ou can view and configure the SSL VPN Concentrator Global Policies, Groups and Users by selecting Users and Groups under the Access Administration menu in the left navigation pane. Editing Global Policy Settings [...]
-
Страница 54
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 6-4 Group and User Access Policies v1.0, August 2006 2. Enter the number of minutes of inactivity to allow in the Inactivity T imeout field. 3. Click Apply to save the configuration changes. The inactivity timeout can be set at the user , gr oup and g lobal level. If one or more timeo[...]
-
Страница 55
NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Group and User Access Policies 6-5 v1.0, August 2006 2. From the Apply Policy T o pull-down menu, select whether the policy will be applied to a predefined network resource, an individual host, a network or all a ddresse s. 3. Enter a name for the policy in the Policy Name field. ?[...]
-
Страница 56
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 6-6 Group and User Access Policies v1.0, August 2006 Defining and Editin g Global Bookmarks T o define global bookmarks: 1. Click Add Bookma rk in the Global Bookmarks section. An Add Bookmark window will be displaye d. When global bookmarks are de fined, all members will see th e def[...]
-
Страница 57
NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Group and User Access Policies 6-7 v1.0, August 2006 SSL VPN Concentrator Groups are also defined from the Users and Groups screen. Select the Users and Groups option un der the Access and Administration menu in the left navigation pane. The User s and Groups screen will display Add[...]
-
Страница 58
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 6-8 Group and User Access Policies v1.0, August 2006 . 2. Enter a descriptive name for the group in the Group Name field. 3. Select the appropriate domain in the Domain menu. The domain will determine the authentication method for the group. 4. Click Apply to update the configuration.[...]
-
Страница 59
NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Group and User Access Policies 6-9 v1.0, August 2006 The inactivity timeout can be set at the user , group and global level. Set the timeout as 0 in the user and group configuration to use the global timeout setting. If multiple timeout settings are configured, the user timeout sett[...]
-
Страница 60
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 6-10 Group and Us er Access Policies v1.0, August 2006 The most specific poli cy will take precedence over less specific policies. For example, a policy that applies to only one IP address will have priority over a policy that applies to a range of IP addresses. If there are two polic[...]
-
Страница 61
NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Group and User Access Policies 6-11 v1.0, August 2006 • If your policy applies to a predefined netw ork resource, select the name of the resource from the Defined Resource pull-down menu. For inform ation abou t creating network resources, refer to Chapter 8, “Network Resources?[...]
-
Страница 62
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 6-12 Group and Us er Access Policies v1.0, August 2006 . 2. Enter a descriptive name in the Bookmark Name field. 3. Enter the domain name or the IP address of a host machine on the LAN in the Name or IP Address field. 4. Select the service type from the drop-down Service menu. 5. If T[...]
-
Страница 63
NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Group and User Access Policies 6-13 v1.0, August 2006 T o delete a group that is the defau lt group for an authentication domain: 1. Delete the corresponding domain (you cannot delete the group in the Gr oup Settings window). 2. If the group is not the default group for an auth enti[...]
-
Страница 64
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 6-14 Group and Us er Access Policies v1.0, August 2006 Adding a New User T o create a new user: 1. Click Add Us er on the Users and Groups screen. An Add User window will display . 2. Enter the user name for the user in the User Name field. This will be the name the user will enter in[...]
-
Страница 65
NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Group and User Access Policies 6-15 v1.0, August 2006 If the selected group is in a domain that uses internal databa se authen tication, such as the default “geardomain” domain, then the follo wi ng window will display : 5. Enter the user password in the Password field. 6. Re-en[...]
-
Страница 66
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 6-16 Group and Us er Access Policies v1.0, August 2006 . 2. Enter the new user password in the Password field to modify the user password. 3. Enter the password again in the Confirm Password field. 4. Click Apply to update the configuration T o change the user inactivity timeout: 1. E[...]
-
Страница 67
NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Group and User Access Policies 6-17 v1.0, August 2006 Defining and Editing User Policies T o define user access policies : 1. Click Add Policy on the Edit User Settings screen. An Add Policy window will display . 2. In the Apply Policy T o pull-down menu, select whether the policy w[...]
-
Страница 68
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 6-18 Group and Us er Access Policies v1.0, August 2006 6. Click Apply to update the confi guration. Once the configuration has been upda ted, the new policy will be displayed in the Edit User Setting s window . The user policies will be displayed in the Edit Users Settings screen in t[...]
-
Страница 69
NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Group and User Access Policies 6-19 v1.0, August 2006 Deleting a User T o delete a user: 1. Click the Delete link adjacent to the users name in the Users table. The user will be removed from the table in the Users and Groups window , or 2. Click the user name that you wish to remove[...]
-
Страница 70
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 6-20 Group and Us er Access Policies v1.0, August 2006 LDAP Authentication Domain s for Group Policies and Bookmarks LDAP (Lightweight Directory Access Protocol) is a standa rd for querying and updating a directory . Since LDAP supports a multilevel hier archy (for example, groups or [...]
-
Страница 71
NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Group and User Access Policies 6-21 v1.0, August 2006 LDAP Attribute Rules • If multiple attributes are defined for a g roup, ALL attributes must be met by LDAP users. • If no attributes are defined, then any user auth orized by the LDAP serv er can be a member of the group. •[...]
-
Страница 72
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 6-22 Group and Us er Access Policies v1.0, August 2006 Where: • 10.0.0.5 is the IP address of the LDAP or Active Directory server • “cn=demo,cn=users,dc=netgearnetwo rks,dc=net” is the distinguished name of an LDAP user • demo123 is the password for the user demo • “dc=n[...]
-
Страница 73
7-1 v1.0, August 2006 Chapter 7 Domains and Layout s This chapter explains how to define authenti cation domains, such as RADIUS, NT Domain, LDAP , and Active Directory configuration. It describes: • Authentication Domains • Local User Database Authentication • RADIUS Authentication • NT Domain Authentication • LDAP Authentication • Act[...]
-
Страница 74
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 7-2 Domains and La yo ut s v1.0, August 2006 Additional domains may be created that require authentication to remote authentic ation servers. The SSL VPN Concentrator supports RADIUS ( P AP , CHAP , MSCHAP , and MSCHAPV2 ), LDAP , NT Domain, and Active Directory authentic ation in add[...]
-
Страница 75
NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Domains and Layouts 7-3 v1.0, August 2006 6. Click Apply to update the configuration. Once the domain has been added, the domain will be added to the table on the Domains screen RADIUS Authentication T o create a domain with Radius authentication: 1. Click Add Domain . An Add Domain[...]
-
Страница 76
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 7-4 Domains and La yo ut s v1.0, August 2006 7. Check the Requir e client d igital certificates checkbox to force users to supply a valid digital certificate before granting access. The CNAME of the client certificate must match the user name that the user supplies to log in and the c[...]
-
Страница 77
NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Domains and Layouts 7-5 v1.0, August 2006 3. Enter the IP address or host and domain name of the server in the NT Server Address field. 4. Enter the NT authenti cation domain in the NT Domain Name field. This is the domain name configured on the Window s authentication server for ne[...]
-
Страница 78
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 7-6 Domains and La yo ut s v1.0, August 2006 : 2. Enter a descriptive name for th e authentication domain in the Domain Name field. This is the domain name users will select in order to lo g into the SSL VPN portal. It can be the same value as the Server Address field. 3. Enter the IP[...]
-
Страница 79
NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Domains and Layouts 7-7 v1.0, August 2006 6. Check the Requir e client d igital certificates checkbox to force users to supply a valid digital certificate before granting access. The CNAME of the client certificate must match the user name that the user supplies to log in and the ce[...]
-
Страница 80
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 7-8 Domains and La yo ut s v1.0, August 2006 3. Enter a descriptive name for th e authentication domain in the Domain Name field. This is the domain name users will select in order to lo g into the SSL VPN portal. It can be the same value as the Server Address field or the Active Dire[...]
-
Страница 81
NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Domains and Layouts 7-9 v1.0, August 2006 If your users are unable to connect via Active Directo ry , ve rify the following: 1. The time settings between the Active Directory server and the SSL VPN Concentrator must be synchronized. Kerberos authentication, used by Active Directory [...]
-
Страница 82
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 7-10 Domains and Layo ut s v1.0, August 2006 . Adding Port al Layouts The SSL VPN Concentrator administrator may defi ne individual layouts for the SSL VPN portal. The layout configuration includ es the theme, menu layout, portal pages to dis play , portal application icons to display[...]
-
Страница 83
NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Domains and Layouts 7-11 v1.0, August 2006 : b. Enter the title for the we b browser window in the Portal Site Title field. c. If you wish to display a banner message to users before they log in to the portal, enter the banner title text in the Banner T itle field. Also enter the ba[...]
-
Страница 84
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 7-12 Domains and Layo ut s v1.0, August 2006 e. Check the ActiveX web c ache cleaner radio box to load an Ac tiveX cache control when users log in to the SSL VPN portal. The web cache cleaner will prompt the user to delete all temporary Internet files, cookies and browser history when[...]
-
Страница 85
NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Domains and Layouts 7-13 v1.0, August 2006 T o add a T erminal Services Application: 1. Enter a description of the application in the Application Description field. This name will be shown beneath the application icon on the SSL VPN Portal Applications page. 2. Enter the path and ap[...]
-
Страница 86
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 7-14 Domains and Layo ut s v1.0, August 2006 T o upload a banner image: 1. On the Portal Layo ut screen (see Figure 7-8 on page 7- 11 ), click Upl oad Banner . The Custom Banner screen will display . 2. Click Br owse to locate and upload a .gif file. If upload is successful, two new b[...]
-
Страница 87
NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Domains and Layouts 7-15 v1.0, August 2006 4. Click Apply . A new portal will be created with the same features as the existing portal and will be displayed in the Portal Layo uts table. T o modify the features of an existing portal: 1. Click Portal Layouts under the SSL VPN Portal [...]
-
Страница 88
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 7-16 Domains and Layo ut s v1.0, August 2006 Advanced Port al Page Layout Specifications For most SSL VPN administrators, a plain text page message and a list of links to network resources will provide the prefect portal desktop page. But for the more advanced administrator that want [...]
-
Страница 89
8-1 v1.0, August 2006 Chapter 8 Network Resources This chapter explains how to define network resource groups. Network resources facilitate creating and updating access policies. Network Resources are groups of host names, IP addresses and IP address ranges . By defining resource objects, you can more quickly configure network policies. This i s be[...]
-
Страница 90
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 8-2 Network Resources v1.0, August 2006 3. In the Resource Name field, enter a name for the Network Resource. 4. From the Services pull-down menu, select the type of service to which the Network Resource will apply . 5. Click Apply . The new Network Resource will display in the table [...]
-
Страница 91
NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Network Resources 8-3 v1.0, August 2006 . 2. From the Object T ype pu ll-down menu unde r Add Resource Addr esses , select either IP Address or IP Netw or k : • If IP Address was selected, enter an IP address or fully qualified domain name in the IP Address/Name field. • If IP N[...]
-
Страница 92
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 8-4 Network Resources v1.0, August 2006 T o delete a defined resource, click Delete in the Defined Resource Addresses table adjacent to the resource you wish to delete. T o create policies based on netw ork objects, see Chapter 6, “Group and User Access Policies” , for instruction[...]
-
Страница 93
9-1 v1.0, August 2006 Chapter 9 VPN T unnel Client This chapter describes the configuration for a VP N T unnel Client, an SSL VPN client that is deployed from the SSL VPN portal. It covers: • Adding IP Address Ranges • Adding Routes for VPN T unnel Clients Beyond what is defined in “Logging in to the Management Interface” on page 2-4 , the [...]
-
Страница 94
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 9-2 VPN Tunnel Client v1.0, August 2006 • The VPN T unnel Client cannot conta ct a server on the corporate network if the VPN Tunnel Client's Ethernet interface shares the same IP address as the server or the SSL VPN Concentrator (i.e., if your laptop has a physical interface a[...]
-
Страница 95
NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual VPN Tunnel Client 9-3 v1.0, August 2006 . Adding Routes for VPN T unnel Client s The Add Rou tes for VP N T unnel Clients section allows you to define the addresses of devices on your local network. C l ie nt routes are only requir ed if the client address range is in a different su[...]
-
Страница 96
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 9-4 VPN Tunnel Client v1.0, August 2006 – Addresses between 128.0.0.0 and 191.255.255.255 are Class B addresses; the VPN T unnel Client will as sume tha t all addresses with the same first two octets are located across the VPN tunnel. – Addresses between 192.0.0.0 and 223.255.255.[...]
-
Страница 97
NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual VPN Tunnel Client 9-5 v1.0, August 2006 . T o delete a VPN T u nnel Cl ient Route: 1. Click the Delete link adjacent to the client route in the Configur ed Client Routes table. 2. Restart the SSL VPN Concentrator software if VPN T unnel Clients are currently connected to the SSL VPN[...]
-
Страница 98
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 9-6 VPN Tunnel Client v1.0, August 2006[...]
-
Страница 99
10-1 v1.0, August 2006 Chapter 10 Port Forwarding This chapter describes the configuration for Port Forwarding, a web-based SSL VP N client that installs transparently and then create s a virtual, en crypted tunnel to the remote network. Using Port Forwarding, mobile users can access mission-criti cal applicat ions suc h as email or mapped network [...]
-
Страница 100
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 10-2 Port Forwarding v1.0, August 2006 2. In the Configur ed Ap plications for Port Forwarding section, enter the IP address of an internal server or host computer in the IP Addr e ss field. 3. Enter the TCP port number of the ap plication to be t unneled in the TCP Port field. Ta b l[...]
-
Страница 101
NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Port Forwar din g 10-3 v1.0, August 2006 Configuring Host Name Resolution Once all the server and port inform ation has been configured, remote users will be able to access private network servers using Port Forwarding. Si nce users will need to re member the complicated IP addresse[...]
-
Страница 102
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 10-4 Port Forwarding v1.0, August 2006[...]
-
Страница 103
Default Settings and Technical Specifications A-1 v1.0, August 2006 Appendix A Default Settings and T echnical Specifications This appendix provides the factory default settings and techni cal specifications for the ProSafe SSL VPN Concentrator 25. Factory Default Settings Y ou can use the reset button located on the front of your device to reset a[...]
-
Страница 104
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l A-2 Default Settings and Technical Specifications v1.0, August 2006 T echnical Specifications Gateway Address 0.0.0.0 Concentra tor Ethernet MAC Address See bottom label. T ime Zone GMT T ime Zone Adjusted for Daylight Saving Ti m e Automatica lly enabled if DST available in area sele[...]
-
Страница 105
Related Documents B-1 v1.0, August 2006 Appendix B Related Document s This appendix provides links to reference documents you c an use to gain a more complete understanding of the technolog ies used in your NETGE AR product. Document Link Internet Networking and TCP/IP Addressing http://documentation.net gear .com/r efer en ce/enu/tcpip/index.htm W[...]
-
Страница 106
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l B-2 Related Documents v1.0, August 2006[...]
-
Страница 107
Index-1 v1.0, August 2006 Index Numerics 10.0.0.1 Port 2 default 5-3 192.168.1.1 Port 1 default 5-2 A Active Directory 6-14 , 7-2 , 7-7 synchronizing 7-9 W indows server config 7-9 Active Users 3-2 , 3-5 ActiveX web cache control 7-12 Add Bookmark 6-6 user 6-18 Add Default Route 5-4 Add Domain 7-2 Add Group 6-7 Add Policy user 6-17 Add User 6-14 Ap[...]
-
Страница 108
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l Index-2 v1.0, August 2006 management, login warning 2-4 obtaining 4-10 viewin g current 4- 10 CHAP 7-3 Class A addresses 9-3 Class B addresses 9-4 Class C addresses 9-4 configuration files encrypting 4-1 , 4-2 exporting 4-1 , 4-2 importing 4-1 , 4-3 saving 4-2 configuration settings r[...]
-
Страница 109
NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Index-3 v1.0, August 2006 Global Policie s 6-1 adding 6-4 editing 6-4 table 6-5 Global Policy configuring 6-3 Group Bookmarks adding 6-11 editing 6-11 service type 6-12 Group Policies 6-1 adding 6-9 deleting 6-12 editing 6-9 Group Policies table 6-11 Group Policy Add 6-10 Add Bookma[...]
-
Страница 110
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l Index-4 v1.0, August 2006 Network Address Translation 5-4 network configuration example 5-1 Network Host Table 5-6 mapping FQDNs 5-6 mapping host names 5-6 Network Interface configuring 5-2 network resource objects configuring 2-4 creating policies 8-4 Network Resources 8-1 editing 8-[...]
-
Страница 111
NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Index-5 v1.0, August 2006 Self-signed Certificate 4-8 Send Event Logs 3-7 serial console port 1-4 DTE connection 1-4 port 1-4 service type users 6-17 software version checking 3-2 SSH 8-2 SSL-VPN Concentrator status of 3-1 start time and date 3-2 static IP address 2-1 Static Routes [...]
-
Страница 112
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l Index-6 v1.0, August 2006 WINS 9-1[...]