NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manual

The most specific policy will take precedence over less specific policies. For example, a policy that applies to only one IP address will have priority over a policy that applies to a range of IP addresses. If there are two policies that apply to a single IP address, then a policy for a specific service (for example RDP) will take precedence over a policy that applies to all services.

Note: User policies take precedence over all group policies and group policies take precedence over all global policies, regardless of the policy definition (A user

policy that allows access to all IP addresses will take precedence over a group policy that denies access to a single IP address).

To define group access policies:

1.Click Add Policy in the Group Policies section of the Group Settings screen. An Add Policy window will display.

Figure 6-8

2.From the Apply Policy To pull-down menu, select whether the policy will be applied to a predefined network resource, an individual host, a range of addresses or all addresses.

3.Define a name for the policy in the Policy Name field.

Note: SSL VPN Concentrator policies apply to the destination address(es) of the SSL VPN connection, not the source address. You cannot permit or block a specific

IP address on the Internet from authenticating to the SSL VPN Concentrator through the policy engine. That type of policy would need to be defined by a firewall rule.

4.Select the appropriate policy:

6-10

Group and User Access Policies

v1.0, August 2006

Page 59 Page 61
Page 60
Image 60
NETGEAR SSL312 manual V1.0, August
Page 59 Page 61
Top Page Image Contents