NETGEAR UTM5-100NAS Network Hardware User Manual


 
ProSecure Unified Threat Management (UTM) Appliance Reference Manual
Virtual Private Networking Using SSL Connections 8-27
v1.0, January 2010
3. Select the checkbox and complete the fields as explained Table 8-8.
4. Click Apply to save your settings. VPN tunnel clients are now able to connect to the UTM and
receive a virtual IP address in the client address range.
Adding Routes for VPN Tunnel Clients
The VPN tunnel clients assume that the following networks are located across the VPN over SSL
tunnel:
The subnet that contains the client IP address (that is, PPP interface), as determined by the
class of the address (Class A, B, or C).
Subnets that are specified in the Configured Client Routes table on the SSL VPN Client
screen.
If the assigned client IP address range is in a different subnet than the local network, or if the local
network has multiple subnets, or if you select split mode tunnel operation, you must define client
routes.
Table 8-8. Client IP Address Range Settings
Item Description (or Subfield and Description)
Client IP Address Range
Enable Full Tunnel Support Select this checkbox to enable full tunnel support. If you leave this
checkbox deselected (which is the default setting), split tunnel support is
enabled, and you must add client routes (see “Adding Routes for VPN
Tunnel Clients” on page 8-27).
Note: When full tunnel support is enabled, client routes are not operable.
DNS Suffix A DNS suffix to be appended to incomplete DNS search strings. This is
an option.
Primary DNS Server The IP address of the primary DNS server that is assigned to the VPN
tunnel clients. This is an option.
Note: If you do not assign a DNS server, the DNS settings remain
unchanged in the VPN client after a VPN tunnel has been established.
Secondary DNS Server The IP address of the secondary DNS server that is assigned to the VPN
tunnel clients. This is an option.
Client Address Range Begin The first IP address of the IP address range that you want to assign to
the VPN tunnel clients.
Client Address Range End The last IP address of the IP address range that you want to assign to
the VPN tunnel clients.