ProSecure Unified Threat Management (UTM) Appliance

Table 95. SSL VPN Client screen settings (continued)

Setting

Description

 

 

Primary DNS Server

The IP address of the primary DNS server that is assigned to the VPN tunnel

 

clients. This setting is optional.

 

Note: If you do not assign a DNS server, the DNS settings remain

 

unchanged in the VPN client after a VPN tunnel has been established.

Secondary DNS Server

The IP address of the secondary DNS server that is assigned to the VPN

 

tunnel clients. This setting is optional.

 

 

Client Address Range Begin

The first IP address of the IP address range that you want to assign to the

 

VPN tunnel clients.

 

 

Client Address Range End

The last IP address of the IP address range that you want to assign to the

 

VPN tunnel clients.

3.Click Apply to save your settings. VPN tunnel clients are now able to connect to the UTM and receive a virtual IP address in the client address range.

Add Routes for VPN Tunnel Clients

The VPN tunnel clients assume that the following networks are located across the VPN-over-SSL tunnel:

The subnet that contains the client IP address (that is, PPP interface), as determined by the class of the address (Class A, B, or C).

Subnets that are specified in the Configured Client Routes table on the SSL VPN Client screen.

If the assigned client IP address range is in a different subnet from the local network, or if the local network has multiple subnets, or if you select split-mode tunnel operation, you need to define client routes.

To add an SSL VPN tunnel client route:

1.Select VPN > SSL VPN > SSL VPN Client. The SSL VPN Client screen displays (see Figure 219 on page 366).

2.In the Add Routes for VPN Tunnel Clients section of the screen, specify information in the following fields:

Destination Network. The destination network IP address of a local network or subnet. For example, enter 192.168.1.60.

Subnet Mask. The address of the appropriate subnet mask.

3.Click the Add table button. The new client route is added to the Configured Client Routes table.

If VPN tunnel clients are already connected, restart the UTM. Restarting forces clients to reconnect and receive new addresses and routes.

Virtual Private Networking Using SSL Connections

367

Page 367
Image 367
NETGEAR STM150EW-100NAS, UTM5EW-100NAS Add Routes for VPN Tunnel Clients,  To add an SSL VPN tunnel client route, 367