NETGEAR FVS318N-100NAS Use Network Resource Objects to Simplify Policies

Virtual Private Networking Using SSL Connections

273

ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N

3. In the Add Routes for VPN Tunnel Clients section of the screen, specify information in the

following fields:

•Destination Network. The destination network IPv4 or IPv6 address of a local

network or subnet. For example, for an IPv4 route, enter 192.168.4.20.

•Subnet Mask / Prefix Length. For an IPv4 route, the address of the appropriate

subnet mask; for an IPv6 route, the prefix length.

4. Click the Add table button. The new client route is added to the Configured Client Routes

table.

If VPN tunnel clients are already connected, disconnect and then reconnect the clients on the

SSL VPN Connection Status screen (see View the SSL VPN Connection Status on

page 285). Doing so allows the clients to receive new addresses and routes.

To change the specifications of an existing route and to delete an old route:

1. Add a new route to the Configured Client Routes table.

2. In the Configured Client Routes table, to the right of the route that is out-of-date, click the

Delete table button.

If an existing route is no longer needed, you can delete it.

Use Network Resource Objects to Simplify Policies

Network resources are groups of IP addresses, IP address ranges, and services. By defining

resource objects, you can more quickly create and configure network policies. You do not

need to redefine the same set of IP addresses or address ranges when you configure the

same access policies for multiple users.

Defining network resources is optional; smaller organizations can choose to create access

policies using individual IP addresses or IP networks rather than predefined network

resources. But for most organizations, NETGEAR recommends that you use network

resources. If your server or network configuration changes, you can perform an update

quickly by using network resources instead of individually updating all of the user and group

policies.

The resource name and service are independent of the IP version. However, the resource

definition (see Edit Network Resources to Specify Addresses on page 274) is dependant on

the IP version because you can assign either an IPv4 or an IPv6 address or network.

To define a network resource:

1. Select VPN > SSL VPN > Resources. The Resources screen displays. (The following

figure shows some resources in the List of Resources table as an example.)