ProSecure Unified Threat Management (UTM) Appliance Reference Manual
8-18 Virtual Private Networking Using SSL Connections
v1.0, January 2010
When you define the SSL VPN policies that determine network resource access for your
SSL VPN users, you can define global policies, group policies, or individual policies.
Because you must assign an authentication domain when creating a group, the group is
created after you have created the domain.
c. Create one or more SSL VPN user accounts.
Because you must assign a group when creating a SSL VPN user account, the user account
is created after you have created the group.
3. For port forwarding, define the servers and services (“Configuring Applications for Port
Forwarding” on page 8-22).
Create a list of servers and services that can be made available through user, group, or global
policies. You can also associate fully qualified domain names (FQDNs) with these servers.
The UTM resolves the names to the servers using the list you have created.
4. For SSL VPN tunnel service, configure the virtual network adapter (see “Configuring the SSL
VPN Client” on page 8-25).
For the SSL VPN tunnel option, the UTM creates a virtual network adapter on the remote PC
that then functions as if it were on the local network. Configure the portal’s SSL VPN client to
define a pool of local IP addresses to be issued to remote clients, as well as DNS addresses.
Declare static routes or grant full access to the local network, subject to additional policies.
5. To simplify policies, define network resource objects (see “Using Network Resource Objects
to Simplify Policies” on page 8-28).
Network resource objects are groups of IP addresses, IP address ranges, and services. By
defining resource objects, you can more quickly create and configure network policies.
6. Configure the SSL VPN policies (see “Configuring User, Group, and Global Policies” on
page 8-31).
Policies determine access to network resources and addresses for individual users, groups, or
everyone.
Creating the Portal Layout
The Portal Layouts screen that you can access from the SSL VPN menu allows you to create a
custom page that remote users see when they log into the portal. Because the page is completely
customizable, it provides an ideal way to communicate remote access instructions, support
information, technical contact information, or VPN-related news updates to remote users. The
page is also well-suited as a starting page for restricted users; if mobile users or business partners
are only permitted to access a few resources, the page that you create presents only the resources
that are relevant to these users.