Chapter 21 SSL VPN
Table 102 VPN > SSL VPN > Access Privilege > Add/Edit (continued)
LABEL | DESCRIPTION |
User/Group | The Available list displays the name(s) of the user account and/or user group(s) to |
| which you have not applied an SSL access policy yet. |
| To associate a user or user group to this SSL access policy, select a user account |
| or user group and click >> to add to the Member list. You can select more than |
| one name. |
| To remove a user or user group, select the name(s) in the Member list and click |
| <<. |
|
|
Add | Click Add to display a screen you use to create a new user account or user group |
| name (see Section 34.2.1 on page 506 for details). |
|
|
SSL Application | The Available list displays the name(s) of the SSL application(s) you can select |
List | for this SSL access policy. |
| To associate an SSL application to this SSL access policy, select a name and click |
| >> to add to the Member list. You can select more than one application. |
| To remove an SSL application, select the name(s) in the Member list and click <<. |
|
|
Add | Click Add to create a new SSL application object. Refer to Section 42.3 on page |
| 568 for more information. |
|
|
Network |
|
Extension |
|
|
|
Enable Network | Select this option to create a VPN tunnel between the authenticated users and the |
Extension | internal network. This allows the users to access the resources on the network as |
| if they were on the same local network. |
| Clear this option to disable this feature. Users can only access the applications as |
| defined by the selected SSL application settings and the remote user computers |
| are not made to be a part of the local network. |
|
|
Assign IP Pool | Define a separate pool of IP addresses to assign to the SSL users. Select it here. |
| The SSL VPN IP pool cannot overlap with IP addresses on the ZyWALL's local |
| networks (LAN and DMZ for example), the SSL user's network, or the networks |
| you specify in the SSL VPN Network List. |
|
|
DNS/WINS | Select the name of the DNS or WINS server whose information the ZyWALL sends |
Server 1..2 | to the remote users. This allows them to access devices on the local network using |
| domain names instead of IP addresses. |
|
|
Network List | To allow user access to local network(s), select a network name in the Available |
| list and click >> to add to the Member list. You can select more than one network. |
| To block access to a network, select the network name in the Member list and |
| click <<. |
Add | Click Add to create a new network object. Refer to Chapter 35 on page 515 for |
| more information. |
|
|
Ok | Click Ok to save the changes and return to the main Access Privilege screen. |
|
|
Cancel | Click Cancel to discard all changes and return to the main Access Privilege |
| screen. |
|
|
21.4 SSL Connection Monitor
The ZyWALL keeps track of the users who are currently logged into the VPN SSL client portal. Click VPN > SSL VPN in the navigation panel and click the Connection Monitor tab to display the user list.
Use this screen to do the following:
• view a list of users currently logged in through VPN SSL.
326 |
| |
ZyWALL USG 1000 User’s Guide |
| |
|
|
|