Manualshelf

Quick Reference Guide

ManualsBrandsNetgear ManualsNetworkingSRXN3205
161162163164165166167168169170
ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual
7-10 Virtual Private Networking Using SSL
v1.0, January 2010
2. Select the Port Forwarding tab. The Port Forwarding screen is displayed. (see Figure 7-4 on
page 7-8).
3. If the server that you want to name does not appear in the List of Configured Applications
for Port Forwarding table, you must add it before you can rename it.
4. In the Add New Host Name for Port Forwarding section, enter the IP address of the server
that you want to name.
5. In the Fully Qualified Domain Name field, enter the full server name.
6. Click Add.
The “Operation succeeded” message appears at the top of the screen, and the new entry is
listed in the List of Configured Host Names for Port Forwarding table.
Remote users can now securely access network applications once they have logged into the SSL
VPN portal and launched port forwarding.
Configuring the SSL VPN Client
The SSL VPN Client within the VPN firewall will assign IP addresses to remote VPN tunnel
clients. Because the VPN tunnel connection is a point-to-point connection, you can assign IP
addresses from the corporate subnet to the remote VPN tunnel clients.
Some additional considerations are:
So that the virtual (PPP) interface address of a VPN tunnel client does not conflict with
addresses on the corporate network, configure an IP address range that does not directly
overlap with addresses on your local network. For example, if 192.168.1.1 through
192.168.1.100 are currently assigned to devices on your local network, then start the client
address range at 192.168.1.101 or choose an entirely different subnet altogether.
The VPN tunnel client cannot contact a server on the corporate network if the VPN tunnel
client’s Ethernet interface shares the same IP address as the server or the VPN firewall (for
example, if your laptop has a network interface IP address of 10.0.0.45, then you will not be
able to contact a server on the remote network that also has the IP address 10.0.0.45).
If you assign an entirely different subnet to the VPN tunnel clients than the subnet used by the
corporate network, you must
Add a client route to configure the VPN tunnel client to connect to the corporate network
using the VPN tunnel.