|
| Chapter 21 SSL VPN |
|
|
|
| Table 118 VPN > SSL VPN > Access Privilege > Add/Edit (continued) | |
| LABEL | DESCRIPTION |
| Name | Enter a descriptive name to identify this policy. You can enter up to 31 characters |
|
| |
|
|
|
| Zone | Select the zone to which to add this SSL access policy. You use zones to apply security |
|
| settings such as firewall and remote management. |
|
|
|
| Description | Enter additional information about this SSL access policy. You can enter up to 60 |
|
| characters |
|
|
|
| User/Group | The Selectable User/Group Objects list displays the name(s) of the user account and/ |
|
| or user group(s) to which you have not applied an SSL access policy yet. |
|
| To associate a user or user group to this SSL access policy, select a user account or user |
|
| group and click the right arrow button to add to the Selected User/Group Objects list. |
|
| You can select more than one name. |
|
| To remove a user or user group, select the name(s) in the Selected User/Group |
|
| Objects list and click the left arrow button. |
|
| Note: Although you can select admin and |
|
| reserved for device configuration only. You cannot use them to access the SSL VPN |
|
| portal. |
|
|
|
| SSL Application | The Selectable Application Objects list displays the name(s) of the SSL application(s) |
| List (Optional) | you can select for this SSL access policy. |
|
| To associate an SSL application to this SSL access policy, select a name and click the right |
|
| arrow button to add to the Selected Application Objects list. You can select more than |
|
| one application. |
|
| To remove an SSL application, select the name(s) in the Selected Application Objects |
|
| list and click the left arrow button. |
|
| Note: To allow access to shared files on a Windows 7 computer, within Windows 7 you must |
|
| enable sharing on the folder and also go to the Network and Sharing Center’s |
|
| Advanced sharing settings and turn on the current network profile’s file and printer |
|
| sharing. |
|
|
|
| Network Extension (Optional) | |
|
|
|
| Enable Network | Select this option to create a VPN tunnel between the authenticated users and the internal |
| Extension | network. This allows the users to access the resources on the network as if they were on |
|
| the same local network. This includes access to resources not supported by SSL |
|
| application objects. For example this lets users Telnet to the internal network even though |
|
| the ZyWALL does not have SSL application objects for Telnet. |
|
| Clear this option to disable this feature. Users can only access the applications as defined |
|
| by the VPN tunnel’s selected SSL application settings and the remote user computers are |
|
| not made to be a part of the local network. |
|
|
|
| Force all client | Select this to send all traffic from the SSL VPN clients through the SSL VPN tunnel. This |
| traffic to SSL VPN | replaces the default gateway of the SSL VPN clients with the SSL VPN gateway. |
| tunnel |
|
|
|
|
| Assign IP Pool | Define a separate pool of IP addresses to assign to the SSL users. Select it here. |
|
| The SSL VPN IP pool cannot overlap with IP addresses on the ZyWALL's local networks |
|
| (LAN and DMZ for example), the SSL user's network, or the networks you specify in the |
|
| SSL VPN Network List. |
|
|
|
| DNS/WINS | Select the name of the DNS or WINS server whose information the ZyWALL sends to the |
| Server 1..2 | remote users. This allows them to access devices on the local network using domain |
|
| names instead of IP addresses. |
|
|
|
| 321 |
ZyWALL 110/310/1100 Series User’s Guide | |
|
|