|
| Chapter 21 SSL VPN |
| Table 127 VPN > SSL VPN > Access Privilege > Add/Edit (continued) | |
| LABEL | DESCRIPTION |
| User/Group | The Available list displays the name(s) of the user account and/or user group(s) to |
|
| which you have not applied an SSL access policy yet. |
|
| To associate a user or user group to this SSL access policy, select a user account |
|
| or user group and click >> to add to the Member list. You can select more than |
|
| one name. |
|
| To remove a user or user group, select the name(s) in the Member list and click |
|
| <<. |
|
|
|
| Add | Click Add to display a screen you use to create a new user account or user group |
|
| name (see Section 35.2.1 on page 596 for details). |
|
|
|
| SSL Application | The Available list displays the name(s) of the SSL application(s) you can select |
| List | for this SSL access policy. |
|
| To associate an SSL application to this SSL access policy, select a name and click |
|
| >> to add to the Member list. You can select more than one application. |
|
| To remove an SSL application, select the name(s) in the Member list and click <<. |
|
|
|
| Add | Click Add to create a new SSL application object. Refer to Chapter 42 on page |
|
| 657 for more information. |
|
|
|
| Network |
|
| Extension |
|
|
|
|
| Enable Network | Select this option to create a VPN tunnel between the authenticated users and the |
| Extension | internal network. This allows the users to access the resources on the network as |
|
| if they were on the same local network. |
|
| Clear this option to disable this feature. Users can only access the applications as |
|
| defined by the selected SSL application settings and the remote user computers |
|
| are not made to be a part of the local network. |
|
|
|
| Assign IP Pool | Define a separate pool of IP addresses to assign to the SSL users. Select it here. |
|
| The SSL VPN IP pool cannot overlap with IP addresses on the ZyWALL's local |
|
| networks (LAN and DMZ for example), the SSL user's network, or the networks |
|
| you specify in the SSL VPN Network List. |
|
|
|
| DNS/WINS | Select the name of the DNS or WINS server whose information the ZyWALL sends |
| Server 1..2 | to the remote users. This allows them to access devices on the local network using |
|
| domain names instead of IP addresses. |
|
|
|
| Network List | To allow user access to local network(s), select a network name in the Available |
|
| list and click >> to add to the Member list. You can select more than one network. |
|
| To block access to a network, select the network name in the Member list and |
|
| click <<. |
| Add | Click Add to create a new network object. Refer to Chapter 36 on page 607 for |
|
| more information. |
|
|
|
| Ok | Click Ok to save the changes and return to the main Access Privilege screen. |
|
|
|
| Cancel | Click Cancel to discard all changes and return to the main Access Privilege |
|
| screen. |
|
|
|
21.3 The SSL Connection Monitor Screen
The ZyWALL keeps track of the users who are currently logged into the VPN SSL client portal. Click VPN > SSL VPN in the navigation panel and click the Connection Monitor tab to display the user list.
Use this screen to do the following:
• View a list of users currently logged in through VPN SSL.
| 389 |
ZyWALL USG 100/200 Series User’s Guide | |
|
|