Chapter 24 SSL VPN

apply Endpoint Security (EPS) checking to require users’ computers to comply with defined corporate policies before they can access the SSL VPN tunnel.

limit user access to specific applications or files on the network.

allow user access to specific networks.

assign private IP addresses and provide DNS/WINS server information to remote users to access internal networks.

SSL Access Policy Objects

The SSL access policies reference the following objects. If you update an object in response to changes, the ZyWALL automatically propagates the changes through the SSL policies that use the object(s). When you delete an SSL policy, the objects are not removed.

Table 119 Objects

| OBJECT TYPE | OBJECT SCREEN | DESCRIPTION |
|---|---|---|
| User Accounts | User Account/User Group | Configure a user account or user group to which you want to apply this SSL access policy. |
| Endpoint Security | Endpoint Security | Endpoint Security (EPS) checking makes sure users’ computers comply with defined corporate policies before they can access the SSL VPN tunnel. |
| Application | SSL Application | Configure an SSL application object to specify the type of application and the address of the local computer, server, or web site SSL users are to be able to access. |
| IP Pool | Address | Configure an address object that defines a range of private IP addresses to assign to user computers so they can access the internal network through a VPN connection. |
| Server Addresses | Address | Configure address objects for the IP addresses of the DNS and WINS servers that the ZyWALL sends to the VPN connection users. |
| VPN Network | Address | Configure an address object to specify which network segment users are allowed to access through a VPN connection. |

You cannot delete an object that is referenced by an SSL access policy. To delete the object, you must first unassociate the object from the SSL access policy.

Finding Out More

See Section 6.5.16 on page 102 for related information on these screens.

See Section 24.4 on page 419 for how to establish an SSL VPN connection to the ZyWALL (after you have configured the SSL VPN settings on the ZyWALL).

See Chapter 44 on page 665 for details on endpoint security objects.

See Chapter 43 on page 659 for details on SSL application objects.


ZyWALL USG 50 User’s Guide