NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manual

authorized for that user. The user’s subsequent requests for network services are decrypted by the SSL VPN Concentrator and relayed to the appropriate network servers on the corporate network.

10.0.0.10

10.0.0.254

10.0.0.20

66.123.4.80 10.0.0.1

SSL312

Red = Public (untrusted)

Green = Local (trusted)

Figure 2-1

Routing mode has the advantage of unloading SSL traffic from your firewall. However, your network may not be as well protected since the firewall can not inspect this traffic.

In later steps, you will use the following settings when configuring for routing operation.

Assign Ethernet Port 1 a public IP address.

Assign Ethernet Port 2 an IP address on your local network.

Enable Routing Mode.

Note: The SSL VPN Concentrator does not perform Network Address Translation (NAT). Also, the SSL VPN Concentrator only enforces access policies on SSL

VPN traffic, not on other TCP/IP protocols. Therefore, the SSL VPN Concentrator should always be used in conjunction with a network firewall.

Initial Connection to the SSL VPN Concentrator

In its factory default state, the SSL VPN Concentrator Ethernet Port 1 IP address is 192.168.1.1 and the Ethernet Port 2 IP address is 10.0.0.1. Unless these default IP addresses are compatible with your network, you must configure and connect a computer directly to Ethernet Port 1 for initial configuration including reassignment of the Ethernet Port IP addresses. This procedure is described in the following steps:

Installing the SSL312

2-3

v2.0, May 2007

Page 20 Page 22
Page 21
Image 21
NETGEAR SSL312 manual Initial Connection to the SSL VPN Concentrator
Page 20 Page 22
Top Page Image Contents