NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manual
Configuring the SSL VPN Tunnel Client and Port Forwarding
v1.1, November 2006
2. Restart the SSL VPN Concentrator software if VPN Tunnel Clients are currently connected to
   the SSL VPN Concentrator. Restarting forces clients to reconnect and receive new addresses
   and routes.
Configuring Applications for Port Forwarding
The Port Forwarding screen allows you to specify the internal addresses and TCP applications
(port numbers) that will be intercepted by the Port Forwarding client on the user’s PC. The client
will reroute this traffic to the SSL VPN Concentrator. To configure Port Forwarding, you must
define the internal host machines and TCP applications available to remote users.
To configure applications for Port Forwarding:
1. From the Access Administration menu in the left navigation pane, select the Port Forwarding
   option. The Port Forwarding configuration screen displays.
2. In the Configured Applications for Port Forwarding section, enter the IP address of an internal
   server or host computer in the IP Address field.
Figure 6-3
3. In the TCP Port field, enter the TCP port number of the application to be tunneled. The table
   below lists many commonly used TCP applications and port numbers (see
   for a more complete list of registered port numbers).
4. Click Apply. The IP address and port number submitted appear in the Configured Applications
   for Port Forwarding table.
Configuring Host Name Resolution
Once the server and port information has been configured, remote users will be able to access
private network servers using Port Forwarding. As a convenience for users, the SSL VPN
Concentrator administrator can also specify host name to IP address resolution for network
servers. Host Name Resolution allows users to access TCP applications at familiar addresses such
as mail.mycompany.com or ftp.mycompany.com rather than by IP addresses.
To add a host name for client name resolution:
1. In the Configured Host Names for Port Forwarding section, enter an IP address in the Local
   Server IP Address field. The address should already be defined in the Configured Applications
   for Port Forwarding table.
2. In the Fully Qualified Domain Name field, enter a domain name of the internal server.
Table 6-1. Port Forwarding Applications/TCP Port Numbers

TCP Application                    Port Number
FTP Data (usually not needed)      20
FTP Control Protocol               21
SSH                                22 (a)
Telnet                             23 (a)
SMTP (send mail)                   25
HTTP (web)                         80
POP3 (receive mail)                110
NTP (network time protocol)        123
Citrix                             1494
Terminal Services                  3389
VNC (virtual network computing)    5900 or 5800

a. Users can specify the port number together with the host name or IP address.
3. Click Apply to submit the host-to-name mapping. The IP address and domain name should
   appear in the Configured Host Names for Port Forwarding table.
Now, remote users will be able to securely access network applications once they have logged
into the SSL VPN portal and launched Port Forwarding.
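The two procedures above can be checked on paper before anything is typed into the Port Forwarding screen. The following is an added example, not part of the NETGEAR manual or the appliance software: it validates a planned set of application and host name rows, including the rule that a host name's IP address should already be defined in the Configured Applications for Port Forwarding table. The sample rows, the function names, the IPv4-only assumption, and the FQDN syntax and duplicate-name checks are assumptions made for illustration.

```python
import ipaddress
import re

# Constructed sample plan (not from the manual): rows as they would be typed
# into the two Port Forwarding tables.
APPLICATIONS = [("192.168.1.3", 25), ("192.168.1.3", 110), ("192.168.1.20", 3389)]
HOST_NAMES = [("192.168.1.3", "mail.mycompany.com"),
              ("192.168.1.40", "ftp.mycompany.com")]

_LABEL = re.compile(r"^(?!-)[A-Za-z0-9-]{1,63}(?<!-)$")

def is_fqdn(name):
    """True for a dotted host name made of valid DNS labels."""
    labels = name.rstrip(".").split(".")
    return len(name) <= 253 and len(labels) >= 2 and all(_LABEL.match(l) for l in labels)

def check_plan(applications, host_names):
    """Return a list of problems found in a planned Port Forwarding setup."""
    problems = []
    app_ips = set()
    for ip, port in applications:
        try:
            app_ips.add(ipaddress.IPv4Address(ip))
        except ipaddress.AddressValueError:
            problems.append(f"application {ip!r}: not a valid IPv4 address")
            continue
        if not 1 <= port <= 65535:
            problems.append(f"application {ip}:{port}: TCP port out of range")
    seen = {}  # lower-cased host name -> first address it was mapped to
    for ip, fqdn in host_names:
        try:
            addr = ipaddress.IPv4Address(ip)
        except ipaddress.AddressValueError:
            problems.append(f"host name {fqdn}: {ip!r} is not a valid IPv4 address")
            continue
        # Manual: the address should already be in the applications table.
        if addr not in app_ips:
            problems.append(f"host name {fqdn}: {ip} is not in the applications table")
        if not is_fqdn(fqdn):
            problems.append(f"host name {fqdn!r}: not a fully qualified domain name")
        key = fqdn.lower().rstrip(".")
        if key in seen and seen[key] != addr:
            problems.append(f"host name {fqdn}: also mapped to {seen[key]}")
        seen.setdefault(key, addr)
    return problems

if __name__ == "__main__":
    for line in check_plan(APPLICATIONS, HOST_NAMES):
        print(line)
```

With the constructed sample rows, the only finding is the ftp.mycompany.com mapping, whose address has no application row.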
Chapter 7
Additional System Configuration
This chapter describes additional network and configuration management functions provided by
the Web Management Interface. The additional functions include:
- Configuring Network Settings
- Setting Date and Time
- System Configuration Utilities
- Additional Notes on the Management Interface
Configuring Network Settings
The IP settings and interface settings of the SSL VPN Concentrator appliance are configured
through the Network screen under the System Configuration menu on the left navigation panel.
From the Network window, an SSL VPN Concentrator administrator can:
- Set the Ethernet Port 1 and Ethernet Port 2 addresses.
- Define the default network route and add additional static IP routes.
- Map host names or fully qualified domain names to IP addresses.
- Manage SSL Certificates (as described in “Managing Certificates” in Chapter 2).
Sample SSL VPN Concentrator Configuration
In the following network configuration example, the SSL VPN Concentrator appliance is deployed
as a standalone SSL VPN device. A separate access router or firewall performs perimeter security.
Interface Ethernet Port 1 IP address: 192.168.1.1
Interface Ethernet Port 1 subnet mask: 255.255.255.0 (subnet: 192.168.1.0/24)
Warning: These advanced network settings should only be configured by a network
administrator.
Default gateway address (Firewall/Router address): 192.168.1.254
In the configuration shown in the diagram, the IP addresses of devices in the local network are
configured in the 192.168.1.0/24 subnet and the default gateway for these devices is the
internal IP address of the local firewall or router, 192.168.1.254.
All connections initiated from the Internet can be blocked by the firewall except HTTPS traffic
(TCP port 443). HTTPS traffic should be forwarded to the SSL VPN Concentrator appliance
address, 192.168.1.1.
Network Interface Configuration
Configure the SSL VPN Concentrator network Interface settings by selecting Network under the
System Configuration menu in the left navigation pane and then clicking the Interface radio
button.
To configure the Ethernet Port 1 and Ethernet Port 2 Interfaces:
1. Enter the Ethernet Port 1 (SSL) IP address of your SSL VPN Concentrator. This address
   should be a unique address in the same subnet as the rest of your local network. The factory
   default is 192.168.1.1.
Figure 7-1. Diagram labels: Corporate Server (IP address 192.168.1.3); SSL312 (IP address
192.168.1.1); Firewall/Router (IP address 192.168.1.254); LAN subnet 192.168.1.0/24.
