Cisco Systems RVL200 manual SSL VPN User Management, Edit Group, Authentication Type

Page 49

Chapter 4

Advanced Configuration

Generate New Certificate  Click this option to generate a new certificate. It will replace the Router’s existing certificate.

Export Certificate for Administration  The certificate for administration holds the private key and should be stored in a safe place as a backup. Select this option to store your administration certificate as a file. The default filename is RVL200_MMDD_HHMM.pem, which you can rename. Follow the on-screen instructions to select the location where you want to store your certificate. If you reset the Router to its factory defaults, then you can import the certificate and restore it on the Router.

Export Certificate for Client  Select this option to store your client certificate as a file. The default filename is RVL200_MMDD_HHMM_Client.pem, which you can rename. Follow the on-screen instructions to select the location where you want to store your certificate.

Import Certificate  Specify where your certificate (X.509 certificate in a .pem file) is located. (This is the file you previously saved using the Export Certificate for Administration option.) Click Browse and follow the on- screen instructions. After you have selected the file, click Import.

ExistingCertificate  Thefilenameofthecurrentcertificate is displayed.

SSL VPN > User Management

Define users for your SSL VPN tunnels.

SSL VPN > User Management

User Management

Edit Group

Authentication Type

Select the type you want to use: Local User Database,

RADIUS - PAP, RADIUS - CHAP, RADIUS - MSCHAP, RADIUS - MSCHAPV2, NT Domain, Active Directory,

or LDAP. Follow the instructions for the type you want to use.

Local User Database

Proceed to the “Edit User” section.

RADIUS - PAP, RADIUS - CHAP, RADIUS - MSCHAP, or

RADIUS - MSCHAPV2

RADIUS - PAP

RADIUS Server Address  Enter the IP address or domain name of the RADIUS server.

Secret Password  If required by the RADIUS server, enter an authentication secret password.

Proceed to the “Edit User” section. NT Domain

NT Domain

NT Server Address  Enter the IP address or domain name of the server. (The Router does support Linux Samba Server Authentication.)

NT Domain Name  Enter the NT authentication domain. This is the domain name configured on the Windows authentication server or Linux Samba authentication server for network authentication.

Proceed to the “Edit User” section. Active Directory

Active Directory

Server Address  Enter the IP address or domain name of the Active Directory server.

Active Directory Domain  Enter the Active Directory domain name.

4-Port SSL/IPSec VPN Router

41

Page 48 Page 50
Image 49
Page 48 Page 50
Contents Port SSL/IPSec VPN Router About This Guide About This GuideTable of Contents Ddns IPSec VPN Gateway to Gateway Appendix D Active Directory Server Appendix C Bandwidth ManagementAppendix E User for the Active Directory Server Appendix J IPSec NAT Traversal Appendix I Gateway-to-Gateway VPN TunnelAppendix L Multiple VLANs with Computers Appendix P Battery Replacement Appendix O Firmware UpgradeAppendix Q Specifications Appendix M Multiple VLANs and SubnetsChapter Introduction ChapterIntroduction Introduction to the RouterComputer using SSL VPN client software to VPN Router Product Overview Chapter Product OverviewFront Panel Back PanelInstallation Chapter InstallationPhysical Installation Cable Connection Advanced Configuration Chapter Advanced ConfigurationOverview Before You BeginClick Security Select Use SSL 2.0 and Use SSL How to Access the Web-Based UtilitySystem Information System SummaryFirewall Setting Status Network Setting StatusIPSec VPN Setting Status SSL VPN Setting StatusLAN Setting Setup Tab NetworkNetwork WAN Connection TypePPPoE Point-to-Point Protocol over Ethernet Static IPPptp Point-to-Point Tunneling Protocol Setup PasswordSetup DMZ Host Setup TimePassword TimeForwarding Setup Tab ForwardingPort Range Forwarding Port TriggeringUPnP Setup UPnPSetup MAC Clone Setup One-to-One NATOne-to-One NAT Setup Advanced Routing Setup DdnsMAC Clone Advanced RoutingStatic Routing Dhcp SetupDynamic IP SetupStatic IP Status Dhcp StatusDhcp Multiple VLANs Multiple VLANsDiagnostic System Management DiagnosticDhcp Inter-VLAN Routing Inter-VLAN RoutingFirmware Upgrade Factory DefaultSystem Management Restart Firmware DownloadExport Configuration File Import Configuration FileSystem Management Port Mirroring RestartBasic Per Port Config Port Management Port SetupPort Management Port Status Port StatusPort Setting Port Management Port SettingPort Management Create Vlan Create VlanVlan Membership QoS Bandwidth ManagementBandwidth Management Priority Rate ControlQoS Setup QoS QoS SetupQoS Mode Trust Mode Default CoSQoS Dscp Settings QoS Queue SettingsQueue Settings CoS SettingsFirewall General Dscp SettingsGeneral Dscp to QueueAccess Rules Firewall Access RulesRestrict WEB Features Services Add a New Access RuleContent Filter Firewall Content FilterScheduling IP/MAC GroupForbidden Domains IPSec VPN SummaryWebsite Blocking by Keywords IP AddressIPSec VPN Gateway to Gateway Local Group SetupSummary Add a New TunnelLocal Security Group Type Remote Group SetupRemote Security Gateway Type Remote Security Group Type IKE with Preshared Key IPSec SetupAdvanced SSL VPN Summary IPSec VPN VPN Pass ThroughSSL VPN Certificate Management VPN Pass ThroughSSL VPN User Management Authentication TypeUser Management Edit GroupEdit User SSL VPN Virtual PassageVirtual Passage Snmp Global ParametersGlobal Parameters Snmp Group Profile Snmp ViewsViews Group ProfileSnmp Communities Snmp Group MembershipGroup Membership CommunitiesNotification Recipient Snmp Notification RecipientSystem Log Log System LogLog System Statistics Log SettingAlert Log General LogWizard Basic SetupPPPoE Obtain an IP automaticallyAccess Rule Setup Select the Service Logout SupportManual Linksys Web SiteLogout Troubleshooting Appendix a TroubleshootingAppendix a Appendix B Virtual Passage SSL VPN Client Appendix BBefore You Begin Windows OS Click Trusted sites Make the SSL VPN Portal a Trusted Site Windows OSLogin for the SSL VPN Portal Windows OS Installation of the Virtual Passage Client Windows OSClick Continue Anyway When you right-click the icon, you have three optionsLogin for the SSL VPN Portal Mac OS Installation of the Virtual Passage Client Mac OSWindows Vista Usage Click Continue Removal of the Virtual Passage Client Mac OSLogin for the SSL VPN Portal Linux OS Installation of the Virtual Passage Client Linux OSBefore You Begin Linux OS Removal of the Virtual Passage Client Linux OS Appendix C Creation of New ServicesAppendix C Bandwidth Management Bandwidth ManagementCreation of New Bandwidth Management Rules Click Save SettingsAppendix D Active Directory Server Appendix DActive Directory Server Select Domain in a new forest, and then click Next Enter a domain name, and then click Next Active Directory Server Troubleshooting Appendix E User for the Active Directory Server Appendix EUser for the Active Directory Server Appendix F Appendix F Internet Authentication Service IAS ServerInternet Authentication Service IAS Server Select Unencrypted authentication. Click Apply Click Finish Welcome to the New Connection Request Policy Wizard Click Edit Profile Click the User Management tab Appendix GAppendix H Select HTTPSTCP/443~443 from the Service drop- down menuAppendix H Deployment in an Existing Network LAN-to-LAN ConnectionWAN-to-LAN Connection Appendix Configuration of the RVL200Appendix Gateway-to-Gateway VPN Tunnel Click the Gateway to Gateway tabConfiguration of PC 1 and PC Configuration of the RV082RV082 RVL200 Dynamic IP B.B.B.B with Configuration when Both Gateways Use Dynamic IP Addresses Appendix Configuration of Router a Configuration of ScenarioAppendix J Appendix J IPSec NAT TraversalIPSec NAT Traversal Configuration of Router BOne-to-One NAT Rule on NAT 1 RV042 One-to-One NAT Rule on NAT 2 RV042Configuration of Router a RVL200-to-RV042 Configuration Configuration of MultipleAppendix K Appendix KClick Save Setting RV042 #1 ConfigurationClick the Advanced Routing tab RV042 #2 Configuration Appendix L RVL200-to-SRW2048 ConfigurationAppendix L Multiple VLANs with Computers Click the Port Management tabSelect Enable Vlan SRW2048 ConfigurationClick Save Settings Click the Vlan Membership tab Appendix M RVL200 ConfigurationAppendix M Multiple VLANsClick the Inter-VLAN Routing tab Inter-VLAN Routing OptionAppendix N Access of Multiple VLANsAppendix N Over a SSL VPN TunnelFirmware Upgrade Appendix O Firmware UpgradeAppendix O Click the Firmware Upgrade tab Upgrade the FirmwareBattery Replacement Appendix P Battery ReplacementReplace the Lithium Battery Appendix PSpecifications Appendix Q SpecificationsAppendix Q Limited Warranty Warranty InformationAppendix R Regulatory Information Appendix SDansk Danish Miljøinformation for kunder i EU Port SSL/IPSec VPN Router 106 Norsk Norwegian Miljøinformasjon for kunder i EU Port SSL/IPSec VPN Router 108 Contact Information Appendix T
Top Page Image Contents