NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manual
Installing the SSL312
2-3
v1.1, November 2006
authorized for that user. The user’s subsequent requests for network services are decrypted by the
SSL VPN Concentrator and relayed to the appropriate network servers on the corporate network.
Routing mode has the advantage of unloading SSL traffic from your firewall. However, your
network may not be as well protected since the firewall can not inspect this traffic.
In later steps, you will use the following settings when configuring for routing operation.
•
Assign Ethernet Port 1 a public IP address.
•
Assign Ethernet Port 2 an IP address on your local network.
•
Enable Routing Mode.
Initial Connection to the SSL VPN Concentrator
In its factory default state, the SSL VPN Concentrator Ethernet Port 1 IP address is
192.168.1.1
and the Ethernet Port 2 IP address is
10.0.0.1
. Unless these default IP
addresses are compatible with your network, you must configure and connect a computer directly
to Ethernet Port 1 for initial configuration including reassignment of the Ethernet Port IP
addresses. This procedure is described in the following steps:
1.
Prepare a PC with an Ethernet adapter. If this PC is already part of your network, record its
TCP/IP configuration settings so that you can restore them later.
Figure 2-1
Note:
The SSL VPN Concentrator does not perform Network Address Translation
(NAT). Also, the SSL VPN Concentrator only enforces access policies on SSL
VPN traffic, not on other TCP/IP protocols. Therefore, the SSL VPN
Concentrator should always be used in conjunction with a network firewall.
SSL312