21

SSL VPN

This chapter shows you how to set up secure SSL VPN access for remote user login. See Section 5.4.5 on page 116 for related information on these screens.

21.1 SSL Access Policy

An SSL access policy allows the ZyWALL to perform the following tasks:

limit user access to specific applications or files on the network.

allow user access to specific networks.

assign private IP addresses and provide DNS/WINS server information to remote users to access internal networks.

21.1.1SSL Access Policy Objects

Your ZyWALL uses the object-based configuration approach in which related settings are grouped into an object. Once you have set up an object, you can apply and reuse it in other configuration screens. Thus, the object-based approach minimizes repetitive configuration steps and helps to reduce management and configuration efforts.

Objects store information and are referenced in the SSL Access Privilege screen. If you update this information, in response to changes, the ZyWALL automatically propagates the changes through the SSL policies that use the object(s). When you delete an SSL policy, the objects are not removed.

The following table gives an overview of the settings you can configure in the corresponding Object screens or through the SSL Access Privilege screen.

Table 100 Objects

OBJECT TYPE

OBJECT

DESCRIPTION

SCREEN

 

 

User Accounts

User Account/

Configure a user account or user group to which you want to apply

 

User Group

this SSL access policy.

 

 

 

Application

SSL

Configure an SSL application object to specify the application type

 

Application

and server users are allowed to access.

 

 

 

IP Pool

Address

Configure an address object that defines a range of private IP

 

 

addresses to assign to user computers so they can access the

 

 

internal network through a VPN connection.

 

 

 

 

323

ZyWALL USG 1000 User’s Guide