Page 21 / 120 Scroll up to view Page 16 - 20
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manual
Installing the SSL312
2-3
v1.1, November 2006
authorized for that user. The user’s subsequent requests for network services are decrypted by the
SSL VPN Concentrator and relayed to the appropriate network servers on the corporate network.
Routing mode has the advantage of unloading SSL traffic from your firewall. However, your
network may not be as well protected since the firewall can not inspect this traffic.
In later steps, you will use the following settings when configuring for routing operation.
Assign Ethernet Port 1 a public IP address.
Assign Ethernet Port 2 an IP address on your local network.
Enable Routing Mode.
Initial Connection to the SSL VPN Concentrator
In its factory default state, the SSL VPN Concentrator Ethernet Port 1 IP address is
192.168.1.1
and the Ethernet Port 2 IP address is
10.0.0.1
. Unless these default IP
addresses are compatible with your network, you must configure and connect a computer directly
to Ethernet Port 1 for initial configuration including reassignment of the Ethernet Port IP
addresses. This procedure is described in the following steps:
1.
Prepare a PC with an Ethernet adapter. If this PC is already part of your network, record its
TCP/IP configuration settings so that you can restore them later.
Figure 2-1
Note:
The SSL VPN Concentrator does not perform Network Address Translation
(NAT). Also, the SSL VPN Concentrator only enforces access policies on SSL
VPN traffic, not on other TCP/IP protocols. Therefore, the SSL VPN
Concentrator should always be used in conjunction with a network firewall.
SSL312
Page 22 / 120
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manual
2-4
Installing the SSL312
v1.1, November 2006
2.
Configure your PC with a static IP address of
192.168.1.10
and
255.255.255.0
as the
subnet mask.
3.
Connect an Ethernet cable from your computer to Ethernet Port 1 on the front of the SSL VPN
Concentrator.
4.
Connect the power cord to the SSL312, turn on the concentrator and verify the following:
The PWR (power) light goes on immediately.
The TEST light goes off after about one minute, indicating that the system has initialized.
One of the Ethernet lights is lit: either the 10 Mbps or the 100 Mbps LED should light
showing that a connectivity link as been established
Accessing the Management Interface
Using the PC with the static IP address configured, you can log into the SSL VPN Concentrator
web management interface. The initial administrative setup of the concentrator must be performed
using a supported browser listed in
“Web Browser Requirements” on page 1-2
. The machine used
for management is referred to as the “Management Station”.
To log into the management interface:
1.
Connect to the SSL312 by opening your browser and entering
(for the
Ethernet Port 1 IP) in the address field. Be sure to type
https
, not
http
..
If you are connected to Ethernet Port 2 IP, the default address is
Note:
You must have administrative access to the SSL VPN Concentrator to configure the
Management Interface settings
Figure 2-2
Page 23 / 120
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manual
Installing the SSL312
2-5
v1.1, November 2006
2.
A certificate security warning may appear. Click Yes or OK to continue. A login screen with
User Name and Password dialog boxes displays.
3.
When prompted, enter
admin
for the User Name and
password
for the Password, both in
lower case letters.
4.
From the Domain drop-down menu, select geardomain.
5.
Click Login to log in to the SSL VPN Concentrator Management Interface.
Once you have logged in, the following Status screen will display. The navigation links under
System Configuration, Access Administration, Monitoring, SSL VPN Portal and Web Support
headings on the left side of the browser window allow you to access and configure
administrative settings. When one of the navigation options is clicked, the corresponding
management configuration screen will display.
Figure 2-3
Note:
Both the user name and password are case-sensitive.
Page 24 / 120
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manual
2-6
Installing the SSL312
v1.1, November 2006
Configuring Basic Network Settings
Before deploying the SSL VPN Concentrator into your existing network, you should configure the
following basic settings:
Change the administrator password
Configure DNS server IP address
Figure 2-4
Page 25 / 120
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manual
Installing the SSL312
2-7
v1.1, November 2006
Configure a default route
Configure Ethernet interface IP addresses
Follow these steps to prepare for installation:
1.
Change the administrator account password.
a.
On the left side of the browser window, select the Users and Groups link.
b.
In the Users table, click on admin.
c.
Type your new Password and re-type to Confirm Password.
d.
Click Apply.
2.
Configure the DNS server IP address.
a.
On the left side of the browser window, select the Network link.
b.
In the Network menu, click the DNS Settings radio button.
c.
Enter at least one DNS server IP address.
d.
Click Apply.
3.
Configure a default route for Internet access.
a.
On the left side of the browser window, select the Network link.
b.
In the Network menu, click the Static Routes radio button.
c.
Specify the Default Gateway Address.
If you plan a single arm topology, the Default Gateway is your corporate firewall. Specify
that IP address for the ethernet-1 interface.
If you plan a routing topology, the Default Gateway for the ethernet-1 interface is your
Internet Service Provider’s gateway. The Default Gateway for the ethernet-2 interface is
your corporate firewall.
d.
Click Apply.
4.
Change the Ethernet port IP Addresses.
a.
Select the Network link.
b.
In the Network menu, click the Interfaces radio button.
c.
Enter your chosen Ethernet Port 1 IP Address and Subnet Mask.

Rate

4 / 5 based on 1 vote.

Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top