SSL312 User Manual
Page 2
... of Conditions In the interest of their respective holders. Microsoft, Windows, and Windows NT are registered trademarks or trademarks of improving internal design, operational function, and/or reliability, NETGEAR reserves the right to make changes to which can radiate radio ... interference will find technical support information at: http://www.NETGEAR.com/ through the customer service area. FCC Requirements for help. If this document without notice. Trademarks NETGEAR, the NETGEAR logo, ProSafe and Auto Uplink are designed to provide reasonable protection against...
... of Conditions In the interest of their respective holders. Microsoft, Windows, and Windows NT are registered trademarks or trademarks of improving internal design, operational function, and/or reliability, NETGEAR reserves the right to make changes to which can radiate radio ... interference will find technical support information at: http://www.NETGEAR.com/ through the customer service area. FCC Requirements for help. If this document without notice. Trademarks NETGEAR, the NETGEAR logo, ProSafe and Auto Uplink are designed to provide reasonable protection against...
SSL312 User Manual
Page 11
...the upper left of any page. - Use the Complete PDF Manual link at the top left of the window. Click the Complete PDF Manual link at the top left of the window. Click the print icon in the upper left of paper, you can save paper and printer ink by ... Web site at the top left of This Chapter link at http://www.adobe.com. - The Acrobat reader is dedicated to print. NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manual Each page in a browser window. - Use the PDF of any page in order to print the page contents. • Printing a Chapter. Your computer must have...
...the upper left of any page. - Use the Complete PDF Manual link at the top left of the window. Click the Complete PDF Manual link at the top left of the window. Click the print icon in the upper left of paper, you can save paper and printer ink by ... Web site at the top left of This Chapter link at http://www.adobe.com. - The Acrobat reader is dedicated to print. NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manual Each page in a browser window. - Use the PDF of any page in order to print the page contents. • Printing a Chapter. Your computer must have...
SSL312 User Manual
Page 14
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manual • Provides client-less access with JavaScript, cookies, and SSL enabled. HTTP and HTTPS proxy and reverse proxy - supports VPN tunnel, VNC, Network Places and Utilities (Microsoft Internet Explorer is only required for the SSL VPN portal, not the web management interface. • Microsoft Windows... v2.1, November 2008 Java: Sun JRE 1.1 or higher To configure the NETGEAR ProSafe SSL VPN Concentrator 25, an administrator must use Microsoft Internet Explorer 5.1 or higher, Apple Safari 1.2 or higher or Mozilla Firefox 1.x...
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manual • Provides client-less access with JavaScript, cookies, and SSL enabled. HTTP and HTTPS proxy and reverse proxy - supports VPN tunnel, VNC, Network Places and Utilities (Microsoft Internet Explorer is only required for the SSL VPN portal, not the web management interface. • Microsoft Windows... v2.1, November 2008 Java: Sun JRE 1.1 or higher To configure the NETGEAR ProSafe SSL VPN Concentrator 25, an administrator must use Microsoft Internet Explorer 5.1 or higher, Apple Safari 1.2 or higher or Mozilla Firefox 1.x...
SSL312 User Manual
Page 15
What's in Microsoft Windows Vista 64-bit Edition is 32-bit Internet Explorer. The default browser in the Box The product package should contain the following items: • ProSafe SSL VPN Concentrator 25 SSL312 • A power cord specific to take advantage of the full suite...November 2008 Note: For 64-bit support with signed CABs, you must use a 64-bit version of the SSL312. NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manual support JavaScript, Java, cookies, SSL and ActiveX to your region. • Straight through Category 5 Ethernet cable. • A serial cable (...
What's in Microsoft Windows Vista 64-bit Edition is 32-bit Internet Explorer. The default browser in the Box The product package should contain the following items: • ProSafe SSL VPN Concentrator 25 SSL312 • A power cord specific to take advantage of the full suite...November 2008 Note: For 64-bit support with signed CABs, you must use a 64-bit version of the SSL312. NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manual support JavaScript, Java, cookies, SSL and ActiveX to your region. • Straight through Category 5 Ethernet cable. • A serial cable (...
SSL312 User Manual
Page 23
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manual 2. Click Yes or OK to the SSL VPN Concentrator Management Interface. Figure 2-3 3. From the Domain drop-down menu, select geardomain. 5. When one of the browser window allow you have logged in, the following Status screen will display. A certificate security warning may appear. Click Login to log in lower case letters. Installing the SSL312... The navigation links under System Configuration, Access Administration, Monitoring, SSL VPN Portal and Web Support headings on the left side of the navigation options is...
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manual 2. Click Yes or OK to the SSL VPN Concentrator Management Interface. Figure 2-3 3. From the Domain drop-down menu, select geardomain. 5. When one of the browser window allow you have logged in, the following Status screen will display. A certificate security warning may appear. Click Login to log in lower case letters. Installing the SSL312... The navigation links under System Configuration, Access Administration, Monitoring, SSL VPN Portal and Web Support headings on the left side of the navigation options is...
SSL312 User Manual
Page 25
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manual • Configure Ethernet interface IP addresses To prepare for Internet access. On the left side of the browser window, select the Network link. Enter at least one DNS server IP address. In the Network menu, click the ...c. If you plan a single arm topology, the Default Gateway is your corporate firewall. Click Apply. 3. On the left side of the browser window, select the Users and Groups link. d. If you plan a routing topology, the Default Gateway for the ethernet-1 interface. • If you...
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manual • Configure Ethernet interface IP addresses To prepare for Internet access. On the left side of the browser window, select the Network link. Enter at least one DNS server IP address. In the Network menu, click the ...c. If you plan a single arm topology, the Default Gateway is your corporate firewall. Click Apply. 3. On the left side of the browser window, select the Users and Groups link. d. If you plan a routing topology, the Default Gateway for the ethernet-1 interface. • If you...
SSL312 User Manual
Page 30
...not be sure to the SSL VPN Concentrator, the certificate information must have the .zip extension. The Certificates menu will be in the Enable Certificate window. Click Apply. Check the Generate a Self-signed Certificate checkbox to the SSL VPN Concentrator. Under the System Configuration menu...locate the zipped digital certificate file on your certificate and will display as shown in the Current Certificates table. NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manual 3. In the Import Digital Certificate table, select Browse to the instructions later in the left ...
...not be sure to the SSL VPN Concentrator, the certificate information must have the .zip extension. The Certificates menu will be in the Enable Certificate window. Click Apply. Check the Generate a Self-signed Certificate checkbox to the SSL VPN Concentrator. Under the System Configuration menu...locate the zipped digital certificate file on your certificate and will display as shown in the Current Certificates table. NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manual 3. In the Import Digital Certificate table, select Browse to the instructions later in the left ...
SSL312 User Manual
Page 32
... the inactive certificate from the View Certificate window. 2-14 v2.1, November 2008 Installing the SSL312 Enter the Certificate Password and click Enable. It is active. Click Delete do delete the certificate. The SSL VPN Concentrator software will not be displayed if the SSL certificate is extremely important that certificate. NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manual 5. To delete a certificate, upload and...
... the inactive certificate from the View Certificate window. 2-14 v2.1, November 2008 Installing the SSL312 Enter the Certificate Password and click Enable. It is active. Click Delete do delete the certificate. The SSL VPN Concentrator software will not be displayed if the SSL certificate is extremely important that certificate. NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manual 5. To delete a certificate, upload and...
SSL312 User Manual
Page 35
... requires three items: a User Name, a Password, and a Domain selection. The Domain determines the authentication method to access the network. Authentication Domains To view the SSL VPN Concentrator Domains window from the Administrative User Interface, click the Domains option under the Access Administration menu in the left navigation pane. 3-1 v2.1, November 2008 Chapter 3 Authenticating Users...
... requires three items: a User Name, a Password, and a Domain selection. The Domain determines the authentication method to access the network. Authentication Domains To view the SSL VPN Concentrator Domains window from the Administrative User Interface, click the Domains option under the Access Administration menu in the left navigation pane. 3-1 v2.1, November 2008 Chapter 3 Authenticating Users...
SSL312 User Manual
Page 36
... themes, banners, etc.) must be associated with user names and passwords stored in a local user database on the SSL VPN Concentrator. Local User Database Authentication You can create multiple domains that use the internal user database authentication or require authentication to ... different portal layouts to internal user database authentication. Additional domains may be listed in the table in the Domains window. NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manual Figure 3-1 All of the configured domains will be created that authenticate users with a domain, multiple ...
... themes, banners, etc.) must be associated with user names and passwords stored in a local user database on the SSL VPN Concentrator. Local User Database Authentication You can create multiple domains that use the internal user database authentication or require authentication to ... different portal layouts to internal user database authentication. Additional domains may be listed in the table in the Domains window. NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manual Figure 3-1 All of the configured domains will be created that authenticate users with a domain, multiple ...
SSL312 User Manual
Page 37
... SSL VPN Concentrator will display. Click Add Domain. This is not required, but it allows you can define additional layouts in . In the Portal Layout Name pull-down menu, select Local User Database. 3. From the Authentication Type pull-down menu, select the name of the layout. From the Access Administration menu, select Domains. NETGEAR ProSafe SSL VPN Concentrator 25 SSL312...
... SSL VPN Concentrator will display. Click Add Domain. This is not required, but it allows you can define additional layouts in . In the Portal Layout Name pull-down menu, select Local User Database. 3. From the Authentication Type pull-down menu, select the name of the layout. From the Access Administration menu, select Domains. NETGEAR ProSafe SSL VPN Concentrator 25 SSL312...
SSL312 User Manual
Page 38
...in which the client sends a password in clear text. The Domains window will apply to the users. NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manual For example, if you create a RADIUS domain in the SSL VPN Concentrator called "Miami RADIUS server", you are members of the "Miami RADIUS...specifies the authentication method to groups that is calculated using public key cryptography. Then, when users log in the SSL VPN Concentrator, then only the global settings, policies and bookmarks will display. Configuring for RADIUS authentication. 3-4 Authenticating Users v2...
...in which the client sends a password in clear text. The Domains window will apply to the users. NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manual For example, if you create a RADIUS domain in the SSL VPN Concentrator called "Miami RADIUS server", you are members of the "Miami RADIUS...specifies the authentication method to groups that is calculated using public key cryptography. Then, when users log in the SSL VPN Concentrator, then only the global settings, policies and bookmarks will display. Configuring for RADIUS authentication. 3-4 Authenticating Users v2...
SSL312 User Manual
Page 39
...name users will display. If an authentication secret is SSL-VPN. NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manual Figure 3-3 3. Configuring for the authentication domain. You can define additional layouts in order to update the configuration. The Domains window will select in the Portal Layouts page. 7. Click ...Apply to log into the SSL VPN portal. 4. In the Domain Name field, enter a descriptive name for NT ...
...name users will display. If an authentication secret is SSL-VPN. NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manual Figure 3-3 3. Configuring for the authentication domain. You can define additional layouts in order to update the configuration. The Domains window will select in the Portal Layouts page. 7. Click ...Apply to log into the SSL VPN portal. 4. In the Domain Name field, enter a descriptive name for NT ...
SSL312 User Manual
Page 40
... 3-4 3. This is the domain name configured on the Windows authentication server for the authentication domain. NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manual 2. From the Authentication Type menu, select NT Domain. In the Domain Name field, enter a descriptive name for network authentication. 3-6 Authenticating Users v2.1, November 2008 The Add Domain window displays the fields for a domain with NT...
... 3-4 3. This is the domain name configured on the Windows authentication server for the authentication domain. NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manual 2. From the Authentication Type menu, select NT Domain. In the Domain Name field, enter a descriptive name for network authentication. 3-6 Authenticating Users v2.1, November 2008 The Add Domain window displays the fields for a domain with NT...
SSL312 User Manual
Page 43
... be saved. For further information on querying an LDAP server from a Window server, please see: http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/TechRef/8196d68e776a-4bbc-99a6-d8c19f36ded4.mspx Configuring for LDAP Authentication To configure LDAP authentication, click Add Domain. NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manual Querying an LDAP Server To query your LDAP or...
... be saved. For further information on querying an LDAP server from a Window server, please see: http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/TechRef/8196d68e776a-4bbc-99a6-d8c19f36ded4.mspx Configuring for LDAP Authentication To configure LDAP authentication, click Add Domain. NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manual Querying an LDAP Server To query your LDAP or...
SSL312 User Manual
Page 45
... fields will display. It can log into the SSL VPN portal. Click Add Domain. 2. Authenticating Users v2.1, November 2008 3-11 The Domains window will display: Figure 3-6 3. Enter a descriptive ...SSL-VPN portal by either a Kerberos authentication server or a Windows Server 2000 or later running Active Directory. From the Authentication Type menu, select Kerberos. Users who have been defined in the Kerberos database can be the same value as the Server Address field or the Kerberos Domain field depending on the SSL VPN login page. NETGEAR ProSafe SSL VPN Concentrator 25 SSL312...
... fields will display. It can log into the SSL VPN portal. Click Add Domain. 2. Authenticating Users v2.1, November 2008 3-11 The Domains window will display: Figure 3-6 3. Enter a descriptive ...SSL-VPN portal by either a Kerberos authentication server or a Windows Server 2000 or later running Active Directory. From the Authentication Type menu, select Kerberos. Users who have been defined in the Kerberos database can be the same value as the Server Address field or the Kerberos Domain field depending on the SSL VPN login page. NETGEAR ProSafe SSL VPN Concentrator 25 SSL312...
SSL312 User Manual
Page 46
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manual 5. Note: The SSL VPN Concentrator "geardomain" domain cannot be synchronized. The time settings between the Windows server and the client (the SSL VPN Concentrator). The easiest way to solve this issue is to configure Network Time Protocol on the default login page. Enter the Kerberos or Active Directory domain ...
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manual 5. Note: The SSL VPN Concentrator "geardomain" domain cannot be synchronized. The time settings between the Windows server and the client (the SSL VPN Concentrator). The easiest way to solve this issue is to configure Network Time Protocol on the default login page. Enter the Kerberos or Active Directory domain ...
SSL312 User Manual
Page 52
Note: SSL VPN Concentrator policies apply to a predefined network resource, an individual host, a network, or all addresses. 3. Figure 4-3 2. In the Policy Name field, enter a name for the policy. In ... to a predefined network resource, select the name of the SSL VPN connection, not the source address. Note: User and group access policies will be applied to the destination address(es) of the resource from the Defined Resource menu. An Add Policy window displays. NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manual Adding and Editing Global Policies To define global...
Note: SSL VPN Concentrator policies apply to a predefined network resource, an individual host, a network, or all addresses. 3. Figure 4-3 2. In the Policy Name field, enter a name for the policy. In ... to a predefined network resource, select the name of the SSL VPN connection, not the source address. Note: User and group access policies will be applied to the destination address(es) of the resource from the Defined Resource menu. An Add Policy window displays. NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manual Adding and Editing Global Policies To define global...
SSL312 User Manual
Page 53
Click Apply to update the configuration. The Global Policies will see the defined bookmarks from the SSL VPN portal. In the Global Bookmarks section, click Add Bookmark. Click Apply to update the configuration. From the Service pull-... 4. From the Status pull-down menu.) 6. An Add Bookmark window displays. Individual users will use from the highest priority policy to either permit or deny SSL VPN connections for the specified service and host machine. 6. NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manual 4. Once the configuration has been updated, the new ...
Click Apply to update the configuration. The Global Policies will see the defined bookmarks from the SSL VPN portal. In the Global Bookmarks section, click Add Bookmark. Click Apply to update the configuration. From the Service pull-... 4. From the Status pull-down menu.) 6. An Add Bookmark window displays. Individual users will use from the highest priority policy to either permit or deny SSL VPN connections for the specified service and host machine. 6. NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manual 4. Once the configuration has been updated, the new ...
SSL312 User Manual
Page 59
... bookmarks are defined, all users in the Group Settings window. Individual group members will see the defined bookmarks from the Screen Size drop-down menu, select the service type. 5. Once the configuration has been updated, the new group bookmark will use from the SSL VPN Portal. An Add Bookmark menu displays. In the... is the default group for an authentication domain, first delete all group members will not be displayed in the Group Bookmarks table in the group. NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manual To define group bookmarks: 1.
... bookmarks are defined, all users in the Group Settings window. Individual group members will see the defined bookmarks from the Screen Size drop-down menu, select the service type. 5. Once the configuration has been updated, the new group bookmark will use from the SSL VPN Portal. An Add Bookmark menu displays. In the... is the default group for an authentication domain, first delete all group members will not be displayed in the Group Bookmarks table in the group. NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manual To define group bookmarks: 1.