Cisco Systems Advanced Configuration of the RVL200 Router: User Management and SSL VPN


Chapter 4

Advanced Configuration

NOTE: If your users are unable to connect via Active Directory, verify the following:

1. The time settings between the Active Directory server and the Router must be synchronized. Kerberos authentication, used by Active Directory to authenticate clients, permits a maximum of a 15-minute time difference between the Windows server and client (the Router).

2. Make sure your Windows server is configured for Active Directory authentication. If you are using a Windows NT 4.0 server, then your server only supports NT Domain authentication. Windows 2000 and 2003 servers are also configured for NT Domain authentication to support legacy Windows clients.

Proceed to the “Edit User” section.

LDAP


Server Address  Enter the IP address or domain name of the server.

LDAP BaseDN*  Enter the search base for LDAP queries. This is an example of a search base string: CN=Users,DC=yourdomain,DC=com. (Do not use quotation marks in this field.)

Proceed to the “Edit User” section.
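
Added example, not part of the Cisco manual: a pre-check for a search base string before it is entered in the LDAP BaseDN field. It flags quotation marks, stray whitespace and malformed components, and derives the DNS domain from the DC components so it can be compared with the intended directory; the attribute-type list and the decision to treat whitespace as a problem are assumptions of this example.

```python
# Added example: pre-check for the LDAP BaseDN field. Attribute set and
# sample strings are constructed for illustration, not taken from the router.
KNOWN_TYPES = {"CN", "OU", "DC", "O", "C", "L", "ST"}  # assumption: common types


def split_rdns(dn):
    """Split a DN on commas, honouring backslash-escaped characters."""
    parts, current, escaped = [], "", False
    for ch in dn:
        if escaped:
            current, escaped = current + ch, False
        elif ch == "\\":
            current, escaped = current + ch, True
        elif ch == ",":
            parts.append(current)
            current = ""
        else:
            current += ch
    parts.append(current)
    return parts


def check_base_dn(dn):
    """Return a list of problems in a BaseDN value; an empty list means none found."""
    problems = []
    if '"' in dn or "'" in dn:
        problems.append("quotation marks present")
    for rdn in split_rdns(dn.strip("\"'")):
        attr, sep, value = rdn.partition("=")
        if not sep:
            problems.append(f"component {rdn!r} has no '='")
            continue
        if attr != attr.strip() or value != value.strip():
            problems.append(f"stray whitespace in {rdn!r}")
        if attr.strip().upper() not in KNOWN_TYPES:
            problems.append(f"unrecognised attribute type {attr.strip()!r}")
        if not value.strip():
            problems.append(f"empty value in {rdn!r}")
    return problems


def dns_domain(dn):
    """Join the DC components into the DNS domain the search base refers to."""
    pairs = (rdn.partition("=") for rdn in split_rdns(dn.strip("\"'")))
    return ".".join(v.strip() for a, _, v in pairs if a.strip().upper() == "DC")
```
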

Edit User

A list of users is displayed here.

User Name  This is the name of the user.

User Type  This is the type of user, User or Administrator.

Inactivity Timeout  This is the number of idle minutes permitted before a session will time out.

Config  Click Edit to change the user’s settings on the User Management screen.

To add a new user, click Add User. (The maximum number of users is 128.) The User Management screen appears.

Add a User to the Local User Database

Configure the following settings:

User Name  Enter the name the user will use to log into the SSL VPN Portal.

User Type  For users with Local User Database authentication, select User or Administrator. User types can only access the SSL VPN Portal, and Administrator types can access the Router’s web-based utility.

Password  For users with Local User Database authentication, enter the user’s password.

Confirm Password  For users with Local User Database authentication, re-enter the user’s password.

Inactivity Timeout  Enter the number of idle minutes permitted before the session times out and the login screen appears. The default for User type is 0, which disables the Inactivity Timeout feature. The default for Administrator type is 10 minutes.

Click Save Settings to save your changes, or click Exit to return to the User Management screen.

On the User Management screen, click Save Settings to save your changes, or click Cancel Changes to undo them.

SSL VPN > Virtual Passage

Define the IP address range for incoming Virtual Passage clients and establish an SSL VPN tunnel by Virtual Passage. Virtual Passage is a software application that enables remote users to securely connect to a remote network, as if they were on the local network.

4-Port SSL/IPSec VPN Router
