Warning: mysql_fetch_array() expects parameter 1 to be resource, boolean given in /home/newdedyk/domains/bkmanuals.com/public_html/includes/pages/manual_inc.php on line 26
NETGEAR SSL312 manuale d’uso - BKManuals

NETGEAR SSL312 manuale d’uso

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122

Vai alla pagina of

Un buon manuale d’uso

Le regole impongono al rivenditore l'obbligo di fornire all'acquirente, insieme alle merci, il manuale d’uso NETGEAR SSL312. La mancanza del manuale d’uso o le informazioni errate fornite al consumatore sono la base di una denuncia in caso di inosservanza del dispositivo con il contratto. Secondo la legge, l’inclusione del manuale d’uso in una forma diversa da quella cartacea è permessa, che viene spesso utilizzato recentemente, includendo una forma grafica o elettronica NETGEAR SSL312 o video didattici per gli utenti. La condizione è il suo carattere leggibile e comprensibile.

Che cosa è il manuale d’uso?

La parola deriva dal latino "instructio", cioè organizzare. Così, il manuale d’uso NETGEAR SSL312 descrive le fasi del procedimento. Lo scopo del manuale d’uso è istruire, facilitare lo avviamento, l'uso di attrezzature o l’esecuzione di determinate azioni. Il manuale è una raccolta di informazioni sull'oggetto/servizio, un suggerimento.

Purtroppo, pochi utenti prendono il tempo di leggere il manuale d’uso, e un buono manuale non solo permette di conoscere una serie di funzionalità aggiuntive del dispositivo acquistato, ma anche evitare la maggioranza dei guasti.

Quindi cosa dovrebbe contenere il manuale perfetto?

Innanzitutto, il manuale d’uso NETGEAR SSL312 dovrebbe contenere:
- informazioni sui dati tecnici del dispositivo NETGEAR SSL312
- nome del fabbricante e anno di fabbricazione NETGEAR SSL312
- istruzioni per l'uso, la regolazione e la manutenzione delle attrezzature NETGEAR SSL312
- segnaletica di sicurezza e certificati che confermano la conformità con le norme pertinenti

Perché non leggiamo i manuali d’uso?

Generalmente questo è dovuto alla mancanza di tempo e certezza per quanto riguarda la funzionalità specifica delle attrezzature acquistate. Purtroppo, la connessione e l’avvio NETGEAR SSL312 non sono sufficienti. Questo manuale contiene una serie di linee guida per funzionalità specifiche, la sicurezza, metodi di manutenzione (anche i mezzi che dovrebbero essere usati), eventuali difetti NETGEAR SSL312 e modi per risolvere i problemi più comuni durante l'uso. Infine, il manuale contiene le coordinate del servizio NETGEAR in assenza dell'efficacia delle soluzioni proposte. Attualmente, i manuali d’uso sotto forma di animazioni interessanti e video didattici che sono migliori che la brochure suscitano un interesse considerevole. Questo tipo di manuale permette all'utente di visualizzare tutto il video didattico senza saltare le specifiche e complicate descrizioni tecniche NETGEAR SSL312, come nel caso della versione cartacea.

Perché leggere il manuale d’uso?

Prima di tutto, contiene la risposta sulla struttura, le possibilità del dispositivo NETGEAR SSL312, l'uso di vari accessori ed una serie di informazioni per sfruttare totalmente tutte le caratteristiche e servizi.

Dopo l'acquisto di successo di attrezzature/dispositivo, prendere un momento per familiarizzare con tutte le parti del manuale d'uso NETGEAR SSL312. Attualmente, sono preparati con cura e tradotti per essere comprensibili non solo per gli utenti, ma per svolgere la loro funzione di base di informazioni e di aiuto.

Sommario del manuale d’uso

  • Pagina 1

    202-10208-04 May 2007 v2.0 NETGEAR , Inc. 4500 Great America Parkway Santa Clara, CA 95054 USA NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manual[...]

  • Pagina 2

    ii v2.0, May 2007 © 2007 by NETGEAR, Inc. All rights reserved. T echnical Support Please register to obtain technical support. Please retain your proof of purchase and warranty information. T o register your product, get product support or obtai n product information and product documentation, go to http://www .NETGEAR.com . If you do not have acc[...]

  • Pagina 3

    v2.0, May 2007 iii EU Regulatory Compliance S tatement ProSafe SSL VPN Concentrator 25 is compliant with the following EU Council Directives: 89/336/EEC and L VD 73/23/EEC. Compliance is verified by testing to the followin g standards: EN55022 Class B, EN55024 and EN60950. Certificate of the Manufacturer/Importer It is hereby certified that the Pro[...]

  • Pagina 4

    v2.0, Ma y 20 07 iv Product and Publication Det ails Model Number: SSL312 Publication Date: May 2007 Product Family: Concentrator Product Name: ProSafe SSL VPN Concentrator 25 Home or Business Prod uc t: Business Language: Engl ish Publication Part Number: 202-10208-04 Publication V ersion Number: 2.0[...]

  • Pagina 5

    v v2.0, May 2007 Content s About This Manual Conventions, Formats and Scope ................... ................... .................... ................... ....... ix Using This Manual .............. ................... ................... ................. ................... ................... .. x Printing this Manual .........................[...]

  • Pagina 6

    vi v2.0, May 2007 S teps for Further Configuration ............. ... .... ................ ................ ................... ............. 2-14 Chapter 3 Authenticating Users Authentication Domains .. .... ... ... ... .... ... ... ... .... ... ................ ................... ................ ............ 3-1 Local User Database Au thenticat[...]

  • Pagina 7

    vii v2.0, May 2007 Editing a User ........ ................ .................... ................... .................... ................... ... 4-16 Defining and Editing User Policies ............ ... ................... ................. ................... ... 4-18 Defining and Editing a User Bookmarks ... ......... ................. ..........[...]

  • Pagina 8

    viii v2.0, May 2007 Erasing the Configuration a nd Restoring the Default Setti ngs .. ................... .......... 7-13 Upgrading the SSL VPN Concentrator Firmwar e .. ................ ................... ............. 7-13 Additional Notes on the Management Interf ac e ........... ................... ................... .......... 7-14 Chapter 8[...]

  • Pagina 9

    ix v2.0, May 2007 About This Manual The NETGEAR ® Pr osafe™ SSL VPN Concentrator 25 S SL312 Refer ence Manual describes how to install and configure the SSL312 . The information in this manual is intended for administrators who will configure the SSL312. Y ou should have intermediate computer and Internet skills. Conventions, Format s and Scope [...]

  • Pagina 10

    NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l x About This Manual v2.0, May 2007 • Scope. This manual is written for the S SL VP N Concentrator according to these specifications: For more information about networ k, Internet, firewall, and VPN technologies, see the links to the NETGEAR website in Appendix B , “R elated Doc um[...]

  • Pagina 11

    NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual About This Manual xi v2.0, May 2007 Each page in the HTML version of the manu al is dedicated to a major topic. Use the Print button on the brows er toolbar to print the page contents. • Printing a Chapter . Use the PDF of This Chapter link at the top left of any page. – Click t[...]

  • Pagina 12

    NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l xii About This Manual v2.0, May 2007 Revision History Ve r s i o n Date Descripti on of Changes -01, v1.1 November 2006 • Restructu red the contents so that comm on setup and configuration tasks are easier to find • Added new topics • Added a link to a Microsoft Word template fo[...]

  • Pagina 13

    1-1 v2.0, May 2007 Chapter 1 Introduction This chapter describes some of the key features of the NETGEAR ® ProSafe™ SSL VPN Concentrator 25 SSL312. It also includes the minimum prerequisites for installation ( “W eb Browser Requirements” on page 1-2 .), package conte nts ( “What’ s in the Box” on page 1-3 ), and a description of the fr[...]

  • Pagina 14

    NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 1-2 Introduction v2.0, May 2007 • Supports multiple user authenti cations, including local database , Microsoft Active Directory , LDAP , NT Domain and RADIUS. • Provides client-less access with customiz able us er portals and support for a wide variety of user repositories. Acces[...]

  • Pagina 15

    NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Introduction 1-3 v2.0, May 2007 End Users can use Microsoft Internet Explorer 5.1 or higher , Apple Safari 1.2 or higher or Mozilla Firefox 1.x (for VPN tunnel, VNC, Network Pl aces and Utilities). The br owsers should also support JavaScript, Java, cookies, SSL and Activ eX to take[...]

  • Pagina 16

    NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 1-4 Introduction v2.0, May 2007 1. LED Power Indicator: • Of f – No power • On – Power is on. 2. LED Self test Indicator . • Self test – on while initializing. (~2 minutes) • Loading Software – bli nking while uploading software • System fault – on ( prolonged) Thi[...]

  • Pagina 17

    NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Introduction 1-5 v2.0, May 2007 S tep s for Deploying the SSL312 Three basic steps are involved in deploying the ProSafe SSL VPN Concentrator 25 in your network. • Installing the SSL312: choosing a network topolo g y , configuring its IP add ressing scheme, connecting the SSL312, [...]

  • Pagina 18

    NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 1-6 Introduction v2.0, May 2007[...]

  • Pagina 19

    2-1 v2.0, May 2007 Chapter 2 Inst alling the SSL312 This chapter describes how to install the Pr oSafe SSL VPN Concent rator 25 SSL312. The installation includes choosin g a network topology , configuring the IP addressing scheme, connecting the SSL312, and pro v isioning the SSL certificate. Choosing a Network T opology The physical connection o f[...]

  • Pagina 20

    NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 2-2 Installing the SSL312 v2.0, May 2007 . Single arm mode has the advantage of being protected by yo ur firewall. In later steps, you will use the following settin gs when configuring for single arm operation. • Assign Ethernet Port 1 an IP address on your local n etwo rk. • Disa[...]

  • Pagina 21

    NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Installing the SSL312 2-3 v2.0, May 2007 authorized for that user . The user ’ s subsequent reques ts for network services are decrypted by the SSL VPN Concentrator and rela yed to the approp riate network servers on the corporate network. Routing mode has the ad vantage of unload[...]

  • Pagina 22

    NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 2-4 Installing the SSL312 v2.0, May 2007 1. Prepare a PC with an Ethernet adapter. If this PC is already part of your n etwork, record its TCP/IP configuration settings so th at you can restore them later. 2. Configure your PC with a static IP address o f 192.168.1.10 and 255.2 55.255[...]

  • Pagina 23

    NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Installing the SSL312 2-5 v2.0, May 2007 2. A certificate security warning may appear . Click Y es or OK to continue. A login screen with User Name and Pa ssword dialog boxe s displays. 3. When prompted, en ter admin for the User Name and password for the Password, both in lower cas[...]

  • Pagina 24

    NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 2-6 Installing the SSL312 v2.0, May 2007 Configuring Basic Network Settings Before deploying the SSL VPN Concentrator into yo ur existing network, yo u should configure the following basic settings: • Change the administrator password • Configure DNS se rver IP addres s • Config[...]

  • Pagina 25

    NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Installing the SSL312 2-7 v2.0, May 2007 T o prepare for installation: 1. Change the administrator account password. a. On the left side of the browser window , select the Users and Groups link. b. In the Users table, click on admin. c. T ype your new Password and re-typ e to Confir[...]

  • Pagina 26

    NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 2-8 Installing the SSL312 v2.0, May 2007 Inst alling the SSL VPN Concentrator Y ou are now ready to physically install your SSL VPN Concentrator us ing the following steps: 1. T urn off the power to the SSL VPN Concentrat or and connect it to your network in your chosen topology . •[...]

  • Pagina 27

    NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Installing the SSL312 2-9 v2.0, May 2007 strong assurance of the server ’ s identity . A self-s igned certificate will trigger a warning from most browsers as it provides no protection ag ainst identity thef t of the server . Y our SSL VPN Concentrator contains a self-signed certi[...]

  • Pagina 28

    NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 2-10 Installing the SSL312 v2.0, May 2007 3. Fill out all of the fields with the appropriate information. This information will appear in your certificate and will be visible to users. 4. Click Apply . A file download screen will display . Click Save to save the CSR . ZIP file to a di[...]

  • Pagina 29

    NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Installing the SSL312 2-11 v2.0, May 2007 2. In the Digital Certificate Management section, click Ne w CSR/CR T . The Create CSR screen will display . 3. Fill out all of the fields with the appropriate information. This information will appear in your certificate and will be visible[...]

  • Pagina 30

    NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 2-12 Installing the SSL312 v2.0, May 2007 4. Click the Enable link adjacent to the new cer tificate. The Enable Certificate screen displays Figure 2-7 Figure 2-8[...]

  • Pagina 31

    NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Installing the SSL312 2-13 v2.0, May 2007 5. Enter the Certificate Password and click Enab le. The SSL VPN Concentrator software will restart using the new certificate. V iewing and Deleting Certificates The Current Certificates table lists the valid S SL certificates. (The Certific[...]

  • Pagina 32

    NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 2-14 Installing the SSL312 v2.0, May 2007 S tep s for Furt her Configuration The next steps in configuring the SSL VPN Concentrator are: • Create authentication domains ( Chapter 3, “Authenticating Users” ). • Define user and group settings ( Chapter 4, “Setting Up User and [...]

  • Pagina 33

    3-1 v2.0, May 2007 Chapter 3 Authenticating Users Remote users conn ecting to the SSL VPN Concentrator mu st be authenticated before being allowed to access the network. The login window prese nted to the user requires three items: a User Name, a Password, and a Domain selection. The Do main determines the au thentication method to be used and the [...]

  • Pagina 34

    NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 3-2 Authentic ating Users v2.0, May 2007 All of the configured domains will be listed in the table in the Domains window . The domains are listed in the order in which they were created. By default, the geardomain authentication domain is already defined, using the SSL VPN Concentrato[...]

  • Pagina 35

    NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Authenticating Users 3-3 v2.0, May 2007 1. In the Domains menu, click Add Domain. An Ad d Domain window similar to the following displays. 2. From the Authentication T ype pull-down menu, select Local User Database. 3. In the Domain Name field, enter a descriptive name for the authe[...]

  • Pagina 36

    NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 3-4 Authentic ating Users v2.0, May 2007 For example, if you create a RADIUS domain in the SSL VPN Concentrator called “Miami RADIUS server”, you can add users to groups th at are members of the “Miami RADIUS server” domain. These user names must match the names configured in [...]

  • Pagina 37

    NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Authenticating Users 3-5 v2.0, May 2007 6. From the Portal Layout Name drop-down me nu, select the name of the layout. The default layout is SSL-VPN. Y ou can define additio nal layouts in the Po rtal Layouts page. 7. Click Apply to update the configuration. Once the domain has been[...]

  • Pagina 38

    NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 3-6 Authentic ating Users v2.0, May 2007 2. In the Domain Name field, enter a descriptive name for the authentication domain. This is the domain name selecte d by users when they authenticate to the SSL VPN portal. It may be the same value as the NT Domain Name. 3. In the NT Server Ad[...]

  • Pagina 39

    NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Authenticating Users 3-7 v2.0, May 2007 For an LDAP group, yo u can define LDAP attributes. For example, you can specify that users i n an LDAP group must be members of a certain gr oup or or ganizational unit defined on the LDAP server . Or you can specify a uniqu e LDAP distinguis[...]

  • Pagina 40

    NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 3-8 Authentic ating Users v2.0, May 2007 Sample LDAP Users and Attributes Settings If you manually add a user to an LDAP group, then the user setting will take precedence over LDAP attributes. For example: An LDAP attribute objectClass=Person is defined for group Group1 and an LDAP a [...]

  • Pagina 41

    NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Authenticating Users 3-9 v2.0, May 2007 Configuring for LDAP Authentication T o configure LDAP authentication, click Add Do main. An Add Domain window displays. In the Add Domain window: 1. From the Authentication T ype menu, select LD AP . The Add D omain W i ndow displays the fiel[...]

  • Pagina 42

    NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 3-10 Authentic ating Users v2.0, May 2007 5. From the Portal Layout Name drop-down me nu, select the name of the layout. The default layout is SSL-VPN. Y ou can define additio nal layouts in the Po rtal Layouts page. 6. Click Apply to update the configuration. Once the domain has been[...]

  • Pagina 43

    NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Authenticating Users 3-11 v2.0, May 2007 2. From the Authentication T ype menu, select Ac tive Directory . Fields for Active Directory configuration display: 3. In the Domain Name field, enter a descriptive name for the authentication domain. This is the domain name users will selec[...]

  • Pagina 44

    NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 3-12 Authentic ating Users v2.0, May 2007 7. Check the Require CIFS bookmark to home dire ct ory radio box to automatically allow access to users of this domain an d add the home direct ory path in the field provided. 8. Click Apply to update the configuration. Once the domain has bee[...]

  • Pagina 45

    NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Authenticating Users 3-13 v2.0, May 2007 5. Enter the Kerberos domain name in the Kerberos Domain field. 6. Enter the name of the layout in the Portal Lay out Name fi eld. Th e defau lt layout is S SL-VPN. (Additional layouts may be defined from the SSL VPN Portal > Port al Layou[...]

  • Pagina 46

    NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 3-14 Authentic ating Users v2.0, May 2007[...]

  • Pagina 47

    4-1 v2.0, May 2007 Chapter 4 Setting Up User and Group Access Policies This chapter describes how to define user s and groups and how to configure SSL VPN Concentrator access policies and bookmarks for the users and groups. This chapte r includes the following topics: • Determine Y our Requirements • Users, Groups and Global Policies • Global[...]

  • Pagina 48

    NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 4-2 Setting Up User and Gr oup Acces s Policie s v2.0, May 2007 • T o create complex policies involving groups of ho st names, IP addresse s or IP address ranges, you can define th es e groups as network object s usin g Network Resources as desc ribed in “Using Network Resource Ob[...]

  • Pagina 49

    NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Setting Up User and Gr oup Access Policies 4-3 v2.0, May 2007 • An FTP server at 10.0.1.5, the user would be blocked by Policy 2. • An FTP server at 10.0.0.10, the user would be granted access by Polic y 3. The IP address range 10.0.0.5 - 10.0.0.20 is more specific than the IP a[...]

  • Pagina 50

    NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 4-4 Setting Up User and Gr oup Acces s Policie s v2.0, May 2007 Editing Global Policy Settings T o edit global settings: 1. In the Global Policies table, click the Edit Gl obal P olicies link. The Global Settings screen displays. 2. In the Inactivity T imeout field, enter the number o[...]

  • Pagina 51

    NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Setting Up User and Gr oup Access Policies 4-5 v2.0, May 2007 Adding and Editing Global Policies T o define global access polic i es: 1. In the Global Policies section, click Add Policy . An Add Policy window displays. 2. From the Apply Policy T o pull-down menu, selec t whether the[...]

  • Pagina 52

    NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 4-6 Setting Up User and Gr oup Acces s Policie s v2.0, May 2007 4. From the Service pull-down menu , select the service type. If you are applying a policy to a network resource, the service type is defined in the network resource. 5. From the S tatus pull-down menu, select PERMI T or [...]

  • Pagina 53

    NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Setting Up User and Gr oup Access Policies 4-7 v2.0, May 2007 Group s Conf iguration When configuring Groups, remember that user policies take precedenc e over all group policies and group policies take precedence over all global po licies, regardless of th e policy definition. (A u[...]

  • Pagina 54

    NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 4-8 Setting Up User and Gr oup Acces s Policie s v2.0, May 2007 . 2. In the Group Name field., enter a descriptive name for the group. 3. In the Domain menu, select the appropriat e domain. The domain will determine the authentication method for the group. 4. Click Apply to update the[...]

  • Pagina 55

    NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Setting Up User and Gr oup Access Policies 4-9 v2.0, May 2007 Y ou can set the inactivity timeout at the user , group and global leve l. Set the timeout as 0 in the user and group configuration to use the global timeout setting. If multiple timeout settings are configured, the user [...]

  • Pagina 56

    NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 4-10 Setting Up User and Grou p Acces s Policies v2.0, May 2007 addresses. If two policies apply to a single IP ad dress, then a policy for a specific servic e (for example RDP) will take precedence over a policy that applies to all services. T o define group access policies: 1. In th[...]

  • Pagina 57

    NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Setting Up User and Gr oup Access Policies 4-11 v2.0, May 2007 • If your policy applies to a specific host, ente r the IP address of the local host machine in the IP Address field. • If your policy applies to a network, enter th e network address and subnet bit mask (0-32) in th[...]

  • Pagina 58

    NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 4-12 Setting Up User and Grou p Acces s Policies v2.0, May 2007 . 2. In the Bookmark Name field, enter a descriptive name. 3. In the Name or IP Address field, enter the domai n name or the IP address of a host machine on the LAN. 4. From the Service pull-down me nu, select the service[...]

  • Pagina 59

    NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Setting Up User and Gr oup Access Policies 4-13 v2.0, May 2007 2. In the Group Settings window , click Delete Grou p. The Users and Groups menu displays and the deleted group no longer appears in th e list of defined groups. Y ou can also delete a group by clicking its Delete link. [...]

  • Pagina 60

    NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 4-14 Setting Up User and Grou p Acces s Policies v2.0, May 2007 Adding a New User T o create a new user: 1. In the Users and Groups menu, click Ad d User . An A dd User menu displays. 2. In the User Name field, enter the user name for the user . This is the name the user will enter in[...]

  • Pagina 61

    NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Setting Up User and Gr oup Access Policies 4-15 v2.0, May 2007 4. Click Apply . If the selected group is in a domain that uses ex terna l authentication, such as Active Directory , RADIUS, NT Domain or LDAP , then the Add Us er menu will close and the new user will be added to the U[...]

  • Pagina 62

    NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 4-16 Setting Up User and Grou p Acces s Policies v2.0, May 2007 Editing a User T o edit a user: 1. In the Users table in the Users and Groups menu, clic k the name of the user . The User Settings menu displays as shown in Figure 4-14 . • The Edit User Settings section shows the U se[...]

  • Pagina 63

    NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Setting Up User and Gr oup Access Policies 4-17 v2.0, May 2007 . 2. T o modify the user password, enter the new user pas sword in the Passw ord field. 3. In the Confirm Password field, enter the new password again. 4. Click Apply to update the configuration T o change the user inact[...]

  • Pagina 64

    NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 4-18 Setting Up User and Grou p Acces s Policies v2.0, May 2007 Defining and Editing User Policies T o define user access policies : 1. On the Edit User Settings screen, click Add Policy . An Add Policy menu display s. 2. In the Apply Policy T o pull-down menu, select whether the poli[...]

  • Pagina 65

    NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Setting Up User and Gr oup Access Policies 4-19 v2.0, May 2007 6. Click Apply to update the configuration. Once the configuration h as been updated, the new policy appears in the Edit User Setti ngs menu. The user policies will be displaye d i n the Edit Users Settings screen in the[...]

  • Pagina 66

    NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 4-20 Setting Up User and Grou p Acces s Policies v2.0, May 2007 Deleting a User T o delete a user: 1. Click the Delete link adjacent to the users name in the Users table. The user is removed from the table in the Users and Grou ps menu, or 2. Click the user name that you wish to remov[...]

  • Pagina 67

    NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Setting Up User and Gr oup Access Policies 4-21 v2.0, May 2007 2. Click Add Resourc e. An Add Netw ork Resource menu similar to the following displays. 3. In the Resource Name field, enter a name for the Network Resource. 4. From the Services pull-down menu, select the type of servi[...]

  • Pagina 68

    NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 4-22 Setting Up User and Grou p Acces s Policies v2.0, May 2007 . 2. From the Object T ype pull-down menu under Add Resource Addresses, select either IP Address or IP Network: • If you selected IP Address, en ter an IP address or fully qualified domain name in the IP Address/Name fi[...]

  • Pagina 69

    NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Setting Up User and Gr oup Access Policies 4-23 v2.0, May 2007 . T o delete a defined res ource, click Delete in the Defined Resource Addresses table adjacent to the resource you wish to delete. Figure 4-21 Note: Y ou may define up to 128 addresses or address ranges per Network Reso[...]

  • Pagina 70

    NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 4-24 Setting Up User and Grou p Acces s Policies v2.0, May 2007[...]

  • Pagina 71

    5-1 v2.0, May 2007 Chapter 5 Configuring the Remote Access W eb Port al This chapter explains how to cr eate multiple W eb portals for different users and how to customize the appearance of a portal. It describes: • Portal Layouts • Portal Options • Adding Portal Layouts • Adding T erminal Services Applications to the Portal • Customizing[...]

  • Pagina 72

    NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 5-2 Configuring th e Remote Acces s Web Portal v2.0, May 2007 T o view the Portal Layout screen: Click Portal Layouts under the S SL VPN Portal menu on the left navigation pan e. A window similar to the following will display . . Port al Options The SSL VPN Concentrator portal can pre[...]

  • Pagina 73

    NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Configuring the Remote Access Web Portal 5-3 v2.0, May 2007 The configuration of the VPN T unnel and Po rt Forwarding features are described in Chapter 6, “Configuring the SSL VPN T unnel Client and Port Forwarding” . Adding Port al Layouts The SSL VPN Concentrator administrator[...]

  • Pagina 74

    NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 5-4 Configuring th e Remote Acces s Web Portal v2.0, May 2007 : b. In the Portal Site T itle field, ente r the title for the web browser window . c. T o display a banner message to users before th ey log in to the portal, enter the banner title text in the Banner T itle field. Also en[...]

  • Pagina 75

    NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Configuring the Remote Access Web Portal 5-5 v2.0, May 2007 d. Check the Enable HTTP meta tags for cache control check box to apply HTTP meta tag cache control directives to this Portal Layout. Cache control directives include: <meta http-equiv=”pragma” content=”no- cache?[...]

  • Pagina 76

    NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 5-6 Configuring th e Remote Acces s Web Portal v2.0, May 2007 6. Click Apply to confirm your sett ings. Adding T erminal Services Applications to the Portal If you selected the option Applicati ons page (in the SSL VPN Portal Pages to Display section), then the Portal Layout screen wi[...]

  • Pagina 77

    NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Configuring the Remote Access Web Portal 5-7 v2.0, May 2007 2. In the Application and Path field, enter the path and application name of the T erminal Services application. 3. From the Icon Image menu, select an imag e to appear on the Applica tion s page. 4. Click Add Application t[...]

  • Pagina 78

    NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 5-8 Configuring th e Remote Acces s Web Portal v2.0, May 2007 Duplicating and Editing Port al Layout s Y ou can edit the features of an existing portal; for example, create a banner or banner message that displays at the top of the page; or show or hide all applica ble bookmarks (user[...]

  • Pagina 79

    NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Configuring the Remote Access Web Portal 5-9 v2.0, May 2007 T o modify the features of an existing portal: 1. Under the SSL VPN Portal menu on the left navigation pan e, click Portal Layo uts. The Port al Layouts screen displays. 2. In the Layout Name column, click the portal you wa[...]

  • Pagina 80

    NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 5-10 Configur ing the Remote Access Web Portal v2.0, May 2007[...]

  • Pagina 81

    6-1 v2.0, May 2007 Chapter 6 Configuring the SSL VPN T unnel Client and Port Forwarding This chapter describes the confi guration for the SSL VPN T unnel C lient and for Port Forwarding. When a remote user accesses the SSL VPN Concentr ator from a PC that allows ActiveX content, these two powerful features can be activated. For each of these featur[...]

  • Pagina 82

    NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 6-2 Configuring the SSL VPN Tun nel Client and Port Forwarding v2.0, May 2007 • Detects and reroutes individual data streams to the Port Forwarding connection rather than opening up a full tunnel to the corporate network. • Offers more fin e grained management than VPN T unnel. Ad[...]

  • Pagina 83

    NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Configuring the SSL VPN T unnel Client and Port Forwarding 6-3 v2.0, May 2007 – Split tunnel – Sends only traffic destined fo r the internal network based on the specified client routes. All other traf fic is sent to th e internet. Split tunnel allows you to manage your company [...]

  • Pagina 84

    NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 6-4 Configuring the SSL VPN Tun nel Client and Port Forwarding v2.0, May 2007 6. Restart the SSL VPN Concentrator software if any VPN T unnel Clients are actively connected. Restarting will force the client s to obtain a new virtual IP address. VPN T unnel Clients are now able to conn[...]

  • Pagina 85

    NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Configuring the SSL VPN T unnel Client and Port Forwarding 6-5 v2.0, May 2007 If the assigned client IP address range is in a diff erent subnet than the corporate network or if the corporate network has multiple subnets, you must define Client Routes. T o add an SSL VPN T u nnel cli[...]

  • Pagina 86

    NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 6-6 Configuring the SSL VPN Tun nel Client and Port Forwarding v2.0, May 2007 . T o delete a VPN T u nnel Cl ient Route: 1. In the Configured Client Routes table, clic k the Delete link adjacent to the client route. 2. Restart the SSL VPN Concentrator software if VPN T unnel Clients a[...]

  • Pagina 87

    NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Configuring the SSL VPN T unnel Client and Port Forwarding 6-7 v2.0, May 2007 T o configure applications for Port Forwarding: 1. From the Access Administration me nu in the left navigation pane , select the Port Forwarding option. The Port Forward ing configuration screen disp lays.[...]

  • Pagina 88

    NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 6-8 Configuring the SSL VPN Tun nel Client and Port Forwarding v2.0, May 2007 Configuring Host Name Resolution Once the server and port informa tion has been configured, remote users will be able to access private network servers using Port Forwarding . As a convenience for users, the[...]

  • Pagina 89

    7-1 v2.0, May 2007 Chapter 7 Additional System Configuration This chapter describes additional network and configuration management functions provided by the W eb Management Interface. Th e additional functions include: • Configuring Network Settings • Setting Date and T ime • System Configuration Utilities • Additional Notes on the Managem[...]

  • Pagina 90

    NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 7-2 Additional Syst em Config uration v2.0, May 2007 • Default gateway address (F ir ewall/Router address): 192.168.1.2 54 In the configuration shown in th e diagram, the IP addresses of devices in the local network are configured in the 192.168 .1.0/24 subnet and the defa ult gatew[...]

  • Pagina 91

    NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Additional System Configuration 7-3 v2.0, May 2007 2. Enter the Ethernet Port 1 subnet mask that has been configured for your network. The subnet mask value should be the same value as th e subnet mask configured on your network computers. The factory default is 255.2 55.25 5.0 (The[...]

  • Pagina 92

    NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 7-4 Additional Syst em Config uration v2.0, May 2007 5. Enter the subnet mask. The subnet mask spec ifies the network numb er portion of an IP address. The factory defau lt is 255.255.255.0. 6. Click Apply to save your settings. From the Network screen, you ca n define the default net[...]

  • Pagina 93

    NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Additional System Configuration 7-5 v2.0, May 2007 T o configure a static route: 1. In the Add Static Routes section, enter the destin ation network address of the static route in the Destination Network field. The destination netw ork address is an IP address in the remote network [...]

  • Pagina 94

    NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 7-6 Additional Syst em Config uration v2.0, May 2007 Network Host T able Setting s For the convenience of users, yo u can configur e the SSL VPN Concentrator to translate host names or fully qualified domain names (FQDNs) to IP addresses. This function is configured in the Host T able[...]

  • Pagina 95

    NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Additional System Configuration 7-7 v2.0, May 2007 3. In the Host Name field, enter the host name or Fully Qualified Domain Name of the machine. For example, enter mycomputer or www .netge ar .com . Do not enter names with spaces or other non-alphanumeric characters such as apostrop[...]

  • Pagina 96

    NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 7-8 Additional Syst em Config uration v2.0, May 2007 1. In the Network menu, check the DNS Settings radio butto n. The Network menu displays the fields for entering the DNS Settings. 2. Enter the Hostname for the SS L VPN Concentrator. The hostname identifies the SSL VPN Concentrator [...]

  • Pagina 97

    NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Additional System Configuration 7-9 v2.0, May 2007 Setting Date and T ime T o configure the SSL VPN Concen trator date and time settings: 1. Under the System Configuration menu in the left navigation pane, click Date and T ime. The SSL VPN Concentrator uses the date and tim e settin[...]

  • Pagina 98

    NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 7-10 Additional System Con fig ur a tion v2.0, May 2007 • If you selected Use default NTP server s, NETGEAR’ s prima ry and secondary NTP servers for your time zone will appear . • If you selected Use custom NTP servers, ente r an NTP server IP address or fully-qualified domain [...]

  • Pagina 99

    NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Additional System Configuration 7 -11 v2.0, May 2007 Encrypting the Configuration File For security purposes, you can encrypt the configura tion files. However , if the configuration files are encrypted, they cannot be edited or reviewed for troubleshooting purposes. T o encrypt the[...]

  • Pagina 100

    NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 7-12 Additional System Con fig ur a tion v2.0, May 2007 3. Choose the location to save the conf iguration file. The file is named CONF . ZIP by default, but it can be renamed. 4. Click Save to save the configuration file. Importing a Configuration File T o import a saved confi guratio[...]

  • Pagina 101

    NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Additional System Configuration 7 -13 v2.0, May 2007 Erasing the Configuration and Restoring the Default Settings T wo methods are available for eras ing the configuration and restor ing the factory default settings. Y ou can press and hold the front panel Factory Defaults pu sh but[...]

  • Pagina 102

    NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 7-14 Additional System Con fig ur a tion v2.0, May 2007 1. Download the new firmware from NETGEAR’ s support site. If the f ile is a zip archive, extract it and save it to your PC. 2. In the Utilities menu, click Upgrade. A submenu will display . 3. Click Browse to locate the save d[...]

  • Pagina 103

    8-1 v2.0, May 2007 Chapter 8 Monitoring and Logging This chapter describes the SSL VPN Concentrator status information, logging, alerting and reporting features. It describes: • SSL VPN Concentrator Status • Active Users • Event Log • Log Settings • Diagnostics SSL VPN Concentrator St atus The Status window shows important state and conf [...]

  • Pagina 104

    NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 8-2 Monitoring and Loggin g v2.0, May 2007 From the S tatus page, you may view: • The SSL VPN Concentrator software version • The amount of RAM memory in kilo Bytes (kB) • The current memory usage in percent (%). • The current CPU usage in percent (%). • The available flash [...]

  • Pagina 105

    NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Monitoring and Logging 8-3 v2.0, May 2007 Active Users The Active Users screen displays the active users and administ rators logged into the SSL VPN portal. T o view the Active Users log file: Click Active Users under the Mon itoring menu in the left nav igation pane. The Active Use[...]

  • Pagina 106

    NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 8-4 Monitoring and Loggin g v2.0, May 2007 Event Log The SSL VPN Concentrator provides web based loggin g. It also provides the ability to send log messages to an external syslog serv er using the syslog protocol and to E-mail log files and alert messages to an E-mail address or pager[...]

  • Pagina 107

    NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Monitoring and Logging 8-5 v2.0, May 2007 • User name. The User name field shows the auth enticated name of the user or administrator that generated the log event. • Log message. The message field des cribes the ev ent that occurred. Examples of log messages include Administr at[...]

  • Pagina 108

    NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 8-6 Monitoring and Loggin g v2.0, May 2007 so most standard firewall and networking repo rting products can accept and interpret the SSL VPN Concentrator log files. The SSL VPN Concentrat or syslog service transm its syslog messages to external syslog server(s) listening on UDP port 5[...]

  • Pagina 109

    NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Monitoring and Logging 8-7 v2.0, May 2007 3. If you have a backup o r second syslog server, enter the IP address or domain name of the Secondary Syslog Server in the Secondary Syslog Server field. 4. In the E-mail Settings section: a. T o receive e-mail notificati on, enter your ful[...]

  • Pagina 110

    NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 8-8 Monitoring and Loggin g v2.0, May 2007 Log categories are organized from most to least critical. Once a category is selected, then all events equal to or more critica l than the selected log category and will be logged. The default Log and Alert levels are: • Syslog Messages: De[...]

  • Pagina 111

    NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Monitoring and Logging 8-9 v2.0, May 2007 Diagnostics Basic network diagnostic tools are a vailable in the Diagnostics menu. Unde r the Monitoring menu in the left navigati on menu, click Diagnostics. The Diagnost ics window displays. The following diagnostic functions are available[...]

  • Pagina 112

    NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l 8-10 Monitori ng and Logg ing v2.0, May 2007[...]

  • Pagina 113

    Default Settings and Technical Specifications A-1 v2.0, May 2007 Appendix A Default Settings and T echnical S pecifications This appendix provides the factory default settings and techni cal specifications for the ProSafe SSL VPN Concentrator 25 SSL312. Factory Default Settings Y ou can use the push button located on the front of your device to res[...]

  • Pagina 114

    NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l A-2 Default Settings and Technical Specifications v2.0, May 2007 T echnical Specifications Concentra tor Ethernet MAC Address See bottom label. T ime Zone GMT T ime Zone Adjusted for Daylight Saving Ti m e Automatica lly enabled if DST available in area selected; otherwise disabled. C[...]

  • Pagina 115

    Related Documents B-1 v2.0, May 2007 Appendix B Related Document s This appendix provides links to reference documents you c an use to gain a more complete understanding of the technolog ies used in your NETGE AR product. Document Link T emplate for creating an end-user guide http://documentation. netgear .com/ssl312/enu/ 202-10208-01/appnote.doc I[...]

  • Pagina 116

    NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l B-2 Related Documents v2.0, May 2007[...]

  • Pagina 117

    Index-1 v2.0, May 2007 Index Numerics 10.0.0.1 Port 2 default 7-3 192.168.1.1 Port 1 default 7-2 A Active Directory 3-2 , 3-10 , 4-15 synchronizing 3-12 W indows server config 3-12 Active Users 8-2 , 8-3 ActiveX web cache control 5-5 Add Bookmark 4-6 user 4-19 Add Default Route 7-4 Add Domain 3-3 Add Group 4-7 Add Policy user 4-18 Add User 4-14 App[...]

  • Pagina 118

    NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l Index-2 v2.0, May 2007 console port A-2 crt.zip 2-11 CSR 2-9 csr.zip 2-10 D Date and Time setti ngs 7-9 default password 2-5 Settings A-1 user name 2-5 default authentic ati on 3-2 default domain name 2-5 , 3-2 Default Gateway Address 7-4 Defined Resource user 4-18 Deleteing a User 4-[...]

  • Pagina 119

    NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Index-3 v2.0, May 2007 group settings defining 2-14 Groups Add Name 4-8 configuring 4-7 Domain 4-8 editing 4-8 Inactivity T i meout 4-8 H Host Name resolution, configuring 6-8 Hostname 7-8 HTTP meta ta gs 5-5 https //10.0.0.1 2-4 //192.168.1.1 2-4 I Inactivity Ti meout 4-8 setting 4[...]

  • Pagina 120

    NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l Index-4 v2.0, May 2007 Policy service type 4-6 policy hierarchy 4-2 Port 1 default login 2-4 port addresses 8-2 Port Forwarding 6-6 , 6-8 adding Configured Applications 6-7 configuring applications for 6-7 Port2 default 2-4 Portal add new 5-8 modify 5-9 Portal Layout Name 3-3 Portal L[...]

  • Pagina 121

    NETGEAR ProS afe SSL VPN Conce ntr ator 25 SSL312 Reference Manual Index-5 v2.0, May 2007 U UDP port for syslog 8-6 User Bookmarks adding 4-19 editing 4-19 User Group define 4-14 User Name define 4-14 User Policies 4-2 adding 4-18 editing 4-18 user settings defining 2-14 Users editing 4-16 Utilities 7-10 V Video Network Computing 4-21 VPN Tunnel ad[...]

  • Pagina 122

    NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manua l Index-6 v2.0, May 2007[...]