NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manual

Addresses between 128.0.0.0 and 191.255.255.255 are Class B addresses; the VPN Tunnel Client will assume that all addresses with the same first two octets are located across the VPN tunnel.

Addresses between 192.0.0.0 and 223.255.255.255 are Class C addresses; the VPN Tunnel Client will assume that all addresses with the same first three octets are located across the VPN tunnel.

The subnet classes for the designated private IP address ranges are:

Class A subnet: 10.0.0.0 through 10.255.255.255

Class B subnet: 172.16.0.0 through 172.16.31.255.255

Class C subnet: 192.168.0.1 through 192.168.255.255

If VPN Tunnel Clients need to connect to addresses on the corporate network that are not in the same subnet as the client address range, then you will need to add client routes.

To add an SSL VPN Tunnel client route:

1.In the Destination Network field under Add Routes for VPN Tunnel Clients section, enter the network address of a local area network or subnet For example, enter 192.168.0.0.

2.Enter the subnet mask of the local area network Subnet Mask field.

3.Click Add Route. The client route will be displayed in the Configured Client Routes table, as shown in the example in Figure 9-2.

Note: You will also need to add a static route on your corporate firewall or router that directs traffic destined for the VPN Tunnel Client address range to the SSL

VPN Concentrator.

4.Restart the SSL VPN Concentrator software if VPN Tunnel Clients are currently connected to the SSL VPN Concentrator. Restarting forces clients to reconnect and receive new addresses and routes.

Now users will be able to connect to the SSL VPN Concentrator and receive a virtual IP address from the client address range.

9-4

VPN Tunnel Client

v1.0, August 2006

Page 96
Image 96
NETGEAR SSL312 manual V1.0, August