Ssl Vpn | Cisco Systems RV325K9NA, RV320K9NA instruction

11

SSL VPN

A SSL VPN (Secure Sockets Layer virtual private network) allows users to establish a secure, remote-access VPN tunnel to this device by using a web browser. Users do not need a software or hardware client preinstalled on their computers. SSL VPN provides secure, easy access to a broad range of web resources and web-enabled applications from almost any computer on the Internet. They include:

•Internal websites

•Web-enabled applications

•NT/Active Directory file shares (i.e. My Network Place)

•MS Outlook Web Access

•Application Access (port forwarding access to other TCP-based applications)

SSL VPN uses the Secure Sockets Layer protocol and its successor, Transport Layer Security, to provide a secure connection between remote users and specific, supported internal resources configured at a central site. This device recognizes connections that must be proxied, and the SSL VPN web portal interacts with the authentication subsystem to authenticate users.

Access to resources by users of SSL VPN sessions is provided on a group basis. Users such as business partners can be put into a group that has no direct access to resources

on the internal network. Or, for users that require access to all resources in the internal network, this device supports Virtual Passage, which allows authorized users to obtain an IP address from this device through a SSL VPN tunnel and are then a part of the internal network.

Cisco Small Business RV320/RV325 Administration Guide

111

Image 111

Cisco Systems RV325K9NA, RV320K9NA manual Ssl Vpn

Contents

Administration Guide 78-20928-02 Setup Getting StartedSystem Summary Port Management ContentsDhcp System Management Firewall VPNCertificate Management 101 User Management 119 Contents Log 107SSL VPN 111 Wizard 117 Getting Started Using the Getting Started Window Pop-Up Windows Features of the User InterfaceTroubleshooting Tips Navigation Logout Help Getting Started System Information System Summary Configuration Wizard Port ActivityPort Information detail IPv4 and IPv6 WAN InformationDMZ Information Security Status VPN Setting Status Log Setting Status SSL VPN StatusPptp Tunnels Available-PPTP tunnels available Log Setting Status IP Mode Setup Network WAN1 or WAN2 Port Settings Adding or Editing an IPv4 NetworkEditing the IPv6 Address Prefix WAN Connection Settings appears Obtain an IP AutomaticallyLAN Prefix Assignment Subnet Mask IPv4-Subnetwork mask Static IP PPPoE Setup Transparent Bridge IPv4 Stateless Address Autoconfiguration IPv6 IPv6 in IPv4 Tunnel IPv6 6to4 Tunnel IPv6 IPv6 Rapid Deployment 6rd Tunnel IPv6 6rd Configuration Mode 3G/4G Connection USB1 or USB2 Port Settings Setting Failover and Recovery Setup Password DMZ Enable To change the username or password Choose SetupPassword Time Configuring Port Forwarding DMZ HostPort Forwarding Adding or Editing a Service Name Configuring Port Triggering Click Setup ForwardingDeleting a Table Entry Port Address Translation To open this page, select Setup Port Address Translation Adding or Editing a Service Name Setting Up One-to-One NAT MAC Address Cloning Assigning Dynamic DNS to a WAN Interface Configuring Dynamic Routing Configuring IPv4 Dynamic RoutingAdvanced Routing Configuring Static Routing Configuring IPv6 Dynamic RoutingPrefix Length IPv6 only-IPv6 prefix length Inbound Load Balance Click Enable Inbound Load Balance USB Device Update Dhcp Dhcp Setup Configuring Dhcp for IPv4Choose Vlan or Option Enter the IPv6 Address Enter the Prefix Length Configuring Dhcp for IPv6 Viewing the Dhcp Status MAC Address IPv4 only-MAC address of a client Option IP and MAC Binding Bind IP Addresses by DiscoveryBind IP Addresses Manually Using the Static IP List to Block Devices DNS Local DatabaseEdit or Delete Bound Entries Add, Edit, or Delete Local DNS Entries Router Advertisement IPv6 Lifetime Dhcp Max Bandwidth Provided by ISP Dual WAN Connections System Management Network Service Detection Bandwidth Management Adding or Editing a Service Bandwidth Management Type Configure PriorityInterface-Interface that supports the service Maximum Bandwidth Provided by ISP Snmp Configuring Snmp Configuring SNMPv3 Discovery-Bonjour Lldp Properties Factory Default Using Diagnostics Firmware Upgrade Language Selection or Language SetupNavigate to System Management Language Selection Navigate to System Management Language Setup RestartEnter the New Language Name System Management Restart Backup and RestoreRestoring the Settings from a Configuration File Backing Up Configuration Files and Mirror Files Sanitizing the Configuration Configuration Backing Up the Firmware to a USB Flash DriveCopying the Mirror File to the Startup File System Management Port Management Configuring the Ports Port Management Port Status Vlan Membership Traffic Statistics Dscp Marking QoSCoS/DSCP Setting Enter the Radius Secret 802.1X Configuration Port Management General Enabling Firewall Features Configuring Trusted Domain Names Access Rules Adding an Access Rule to the IPv4 Access Rule Table Adding an Access Rule to the IPv6 Access Rule TableSelect Log packets matching this rule or No Log Blocking Website Keywords Content FilterBlocking Forbidden Domains Select Block Forbidden Domains Accepting Allowed Domains Select Accept Allowed DomainsScheduling Firewall Summary VPN Group VPN Status Connection Table VPN Add a New Tunnel Gateway to Gateway Keying Mode = Manual or IKE with Preshared Key Local Group Setup Keying Mode = IKE with Certificate Remote Group Setup IPSec Setup VPN VPN VPN Client to Gateway Interface-WAN port Configure Tunnel or Group VPN Configuring Easy VPN Local Group Setup Remote Client Setup for Single User VPN IPSec Setup VPN VPN Pptp Server VPN Passthrough My Certificate Certificate Management Importing a 3rd-party or Self-signed Certificate Exporting or Displaying a Certificate or Private Key Trusted IPsec Certificate Trusted SSL Certificate Certificate Generator Key Encryption Length-Length of the key CSR Authorization 106 Configuring the System Log Send SMS Configuring the System Log ServersSystem Log Log Configure email Notification Configure the Logs System Statistics ProcessesAdditional Information Log Buttons SSL VPN Group Management Status Add or Edit a Group Delete a Group Microsoft Terminal Internet Services Remote Desktop Resource Management Advanced Setting Access Rule Setup Basic Setup Wizard User Management User Management Where to Go From Here Revised June 24 78-20928-02