NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manual
Setting Up User and Group Access Policies
4-5
v1.1, November 2006
2.
From the Apply Policy To pull-down menu, select whether the policy will be applied to a
predefined network resource, an individual host, a network, or all addresses.
3.
In the Policy Name field, enter a name for the policy.
•
If your policy applies to a predefined network resource, select the name of the resource
from the Defined Resource menu. For information about creating network resources, refer
to
“Using Network Resource Objects to Simplify Policies” on page 4-20
.
•
If your policy applies to a specific host, enter the IP address of the local host machine in
the IP Address field.
•
If your policy applies to a network, enter the network address in the Network Address
field and the subnet mask in the Subnet Mask field.
4.
From the Service pull-down menu, select the service type. If you are applying a policy to a
network resource, the service type is defined in the network resource.
5.
From the Status pull-down menu, select PERMIT or DENY to either permit or deny SSL VPN
connections for the specified service and host machine.
6.
Click Apply to update the configuration. Once the configuration has been updated, the new
policy appears in the Global Policies table on the Global Settings screen.
The Global Policies will be displayed in the order of priority, from the highest priority policy
to the lowest priority policy.
Figure 4-3
Note:
SSL VPN Concentrator policies apply to the destination address(es) of the SSL
VPN connection, not the source address. You cannot permit or block a specific
IP address on the Internet from authenticating to the SSL VPN Concentrator
through the policy engine.