NETGEAR UTM5-100NAS Network Hardware User Manual


 
ProSecure Unified Threat Management (UTM) Appliance Reference Manual
8-28 Virtual Private Networking Using SSL Connections
v1.0, January 2010
To add an SSL VPN tunnel client route:
1. Select VPN > SSL VPN from the menu. The SSL VPN s submenu tabs appear, with the
Policies screen in view.
2. Click the SSL VPN Client submenu tab. The SSL VPN Client screen displays (see Figure 8-
15 on page 8-26).
3. In the Add Routes for VPN Tunnel Clients section of the screen, specify information in the
following fields:
Destination Network. The destination network IP address of a local network or subnet.
For example, enter 192.168.1.60.
Subnet Mask. The address of the appropriate subnet mask.
4. Click the Add table button. The new client route is added to the Configured Client Routes
table.
Restart the UTM if VPN tunnel clients are currently connected. Restarting forces clients to
reconnect and receive new addresses and routes.
To change the specifications of an existing route and to delete an old route:
1. Add a new route to the Configured Client Routes table.
2. In the Configured Client Routes table, to the right of the route that is out-of-date, click the
Delete table button.
If an existing route is no longer needed for any reason, you can delete it.
Using Network Resource Objects to Simplify Policies
Network resources are groups of IP addresses, IP address ranges, and services. By defining
resource objects, you can more quickly create and configure network policies. You do not need to
redefine the same set of IP addresses or address ranges when you configure the same access
policies for multiple users.
Defining network resources is optional; smaller organizations can choose to create access policies
using individual IP addresses or IP networks rather than predefined network resources. But for
most organizations, NETGEAR recommends that you use network resources. If your server or
network configuration changes, you can perform an update quickly by using network resources
instead of individually updating all of the user and group policies.