Resumen del contenido incluido en la página 1
NETGEAR ProSafe SSL
VPN Concentrator 25
SSL312 Reference
Manual
NETGEAR, Inc.
4500 Great America Parkway
Santa Clara, CA 95054 USA
202-10208-04
May 2007
v2.0��������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������
Resumen del contenido incluido en la página 2
© 2007 by NETGEAR, Inc. All rights reserved. Technical Support Please register to obtain technical support. Please retain your proof of purchase and warranty information. To register your product, get product support or obtain product information and product documentation, go to http://www.NETGEAR.com. If you do not have access to the World Wide Web, you may register your product by filling out the registration card and mailing it to NETGEAR customer service. You will find technical support i
Resumen del contenido incluido en la página 3
EU Regulatory Compliance Statement ProSafe SSL VPN Concentrator 25 is compliant with the following EU Council Directives: 89/336/EEC and LVD 73/23/EEC. Compliance is verified by testing to the following standards: EN55022 Class B, EN55024 and EN60950. Certificate of the Manufacturer/Importer It is hereby certified that the ProSafe SSL VPN Concentrator 25 has been suppressed in accordance with the conditions set out in the BMPT-AmtsblVfg 243/1991 and Vfg 46/1992. The operation of some equipmen
Resumen del contenido incluido en la página 4
Product and Publication Details Model Number: SSL312 Publication Date: May 2007 Product Family: Concentrator Product Name: ProSafe SSL VPN Concentrator 25 Home or Business Product: Business Language: English Publication Part Number: 202-10208-04 Publication Version Number: 2.0 iv v2.0, May 2007�������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������
Resumen del contenido incluido en la página 5
Contents About This Manual Conventions, Formats and Scope .................................................................................... ix Using This Manual ............................................................................................................. x Printing this Manual ...........................................................................................................x Revision History .............................................................................
Resumen del contenido incluido en la página 6
Steps for Further Configuration ....................................................................................2-14 Chapter 3 Authenticating Users Authentication Domains ..................................................................................................3-1 Local User Database Authentication ..............................................................................3-2 RADIUS and NT Domain Authentication .....................................................................
Resumen del contenido incluido en la página 7
Editing a User .........................................................................................................4-16 Defining and Editing User Policies .........................................................................4-18 Defining and Editing a User Bookmarks ................................................................4-19 Deleting a User ......................................................................................................4-20 Using Network Resource Objects t
Resumen del contenido incluido en la página 8
Erasing the Configuration and Restoring the Default Settings ...............................7-13 Upgrading the SSL VPN Concentrator Firmware ..................................................7-13 Additional Notes on the Management Interface ...........................................................7-14 Chapter 8 Monitoring and Logging SSL VPN Concentrator Status ........................................................................................8-1 Active Users ...........................
Resumen del contenido incluido en la página 9
About This Manual ® The NETGEAR Prosafe™ SSL VPN Concentrator 25 SSL312 Reference Manual describes how to install and configure the SSL312. The information in this manual is intended for administrators who will configure the SSL312. You should have intermediate computer and Internet skills. Conventions, Formats and Scope The conventions, formats, and scope of this manual are described in the following paragraphs: • Typographical Conventions. This manual uses the following typographical convent
Resumen del contenido incluido en la página 10
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manual Danger: This is a safety warning. Failure to take heed of this notice could result in personal injury or death. • Scope. This manual is written for the SSL VPN Concentrator according to these specifications: Product Version ProSafe SSL VPN Concentrator 25 SSL312 Manual Publication Date May 2007 For more information about network, Internet, firewall, and VPN technologies, see the links to the NETGEAR website in Appendix B, “Relate
Resumen del contenido incluido en la página 11
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manual Each page in the HTML version of the manual is dedicated to a major topic. Use the Print button on the browser toolbar to print the page contents. • Printing a Chapter. Use the PDF of This Chapter link at the top left of any page. – Click the PDF of This Chapter link at the top right of any page in the chapter you want to print. The PDF version of the chapter you were viewing opens in a browser window. – Your computer must have
Resumen del contenido incluido en la página 12
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manual Revision History Version Date Description of Changes -01, v1.1 November 2006 • Restructured the contents so that common setup and configuration tasks are easier to find • Added new topics • Added a link to a Microsoft Word template for creating an end-user guide -02, v1.0 December 2006 • Refined Portal layout behavior • Added Full Tunnel Support for VPN Tunnels -02,v1.1 April 2007 • Removed references to SNMP – not supported • Bug
Resumen del contenido incluido en la página 13
Chapter 1 Introduction ® This chapter describes some of the key features of the NETGEAR ProSafe™ SSL VPN Concentrator 25 SSL312. It also includes the minimum prerequisites for installation (“Web Browser Requirements” on page 1-2.), package contents (“What’s in the Box” on page 1-3), and a description of the front and back panels of the SSL312 (“Hardware Description” on page 1-3). About the ProSafe SSL VPN Concentrator 25 The ProSafe SSL VPN Concentrator 25 is a hardware-based SSL VPN solution
Resumen del contenido incluido en la página 14
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manual • Supports multiple user authentications, including local database, Microsoft Active Directory, LDAP, NT Domain and RADIUS. • Provides client-less access with customizable user portals and support for a wide variety of user repositories. Access includes support for: – Full network access – HTTP and HTTPS proxy and reverse proxy – Remote Desktop and Application Access including File Sharing Web Browser Requirements The following we
Resumen del contenido incluido en la página 15
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manual End Users can use Microsoft Internet Explorer 5.1 or higher, Apple Safari 1.2 or higher or Mozilla Firefox 1.x (for VPN tunnel, VNC, Network Places and Utilities). The browsers should also support JavaScript, Java, cookies, SSL and ActiveX to take advantage of the full suite of applications. What’s in the Box The product package should contain the following items: • ProSafe SSL VPN Concentrator 25 SSL312 • A power cord specific t
Resumen del contenido incluido en la página 16
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manual 1. LED Power Indicator: • Off – No power • On – Power is on. 2. LED Self test Indicator. • Self test – on while initializing. (~2 minutes) • Loading Software – blinking while uploading software • System fault – on (prolonged) This LED will blink for 1-2 minutes before going off. 3. Two 10/100M Ethernet ports: • A solid green LED indicates a connectivity link has been established on either the 10M or 100M interface. • A blinking gr
Resumen del contenido incluido en la página 17
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manual Steps for Deploying the SSL312 Three basic steps are involved in deploying the ProSafe SSL VPN Concentrator 25 in your network. • Installing the SSL312: choosing a network topology, configuring its IP addressing scheme, connecting the SSL312, and provisioning the SSL certificate. Refer to Chapter 2, “Installing the SSL312”. • Setting up SSL312 user accounts: creating individual user accounts, grouping users by common access priv
Resumen del contenido incluido en la página 18
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manual 1-6 Introduction v2.0, May 2007���������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������
Resumen del contenido incluido en la página 19
Chapter 2 Installing the SSL312 This chapter describes how to install the ProSafe SSL VPN Concentrator 25 SSL312. The installation includes choosing a network topology, configuring the IP addressing scheme, connecting the SSL312, and provisioning the SSL certificate. Choosing a Network Topology The physical connection of the SSL VPN Concentrator to your network is determined by the network topology you choose. There are two common network topologies for installing the SSL VPN Concentrator: s
Resumen del contenido incluido en la página 20
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manual . Corporate Server IP Address 192.168.1.3 Firewall/Router IP Address 192.168.1.254 LAN Subnet 192.168.1.0/24 SSL312 IP Address 192.168.1.1 Figure 2-1 Single arm mode has the advantage of being protected by your firewall. In later steps, you will use the following settings when configuring for single arm operation. • Assign Ethernet Port 1 an IP address on your local network. • Disable Ethernet Port 2. • Disable Routing Mode. • Defi
