EasyManua.ls Logo

Quantum SPARK 1500 - Page 334

Quantum SPARK 1500
461 pages
Save Page as PDF
Print Icon
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
Configuring Advanced Remote Access Options
R81.10.X Quantum Spark 1500, 1600, 1800, 1900, 2000 Appliances Locally Managed Administration Guide|334
To route all traffic from VPN remote access clients through the gateway:
1. Select the Route Internet traffic from connected clients through this gateway
checkbox.
2. Starting from R81.10.10, select the Restrict VPN Remote Access implied rule
checkbox to disable implied rules and restrict VPN Remote Access according to the
Access Policy.
3. Click Apply
Normally, only traffic from the VPN clients into the organization's encryption domain is
encrypted and sent through the VPN tunnel to the gateway. Selecting the above checkbox
causes all traffic from the VPN clients to be encrypted and sent to the gateway. Traffic to
locations outside the organization are enforced in this case by the outgoing access Policy. For
more information, see Access Policy Firewall Blade Control and Policy pages.
Note - This setting does not apply to traffic from SSL Network Extender clients.
To configure a local encryption domain manually for remote access users only:
The local encryption domains are the internal networks accessible by encrypted traffic from
remote access VPN users. By default, the local encryption domain is determined automatically
by the appliance. Networks behind LAN interfaces and trusted wireless networks are part of
the local encryption domain.
Optionally, you can manually create a local encryption domain to be used by remote access
users only instead. It is possible to configure a different manual local encryption domain for
VPN remote access and VPN site to site. See VPN > Site to Site Blade Control page.
1. Click on the local encryption domain link: automatically according to topology or
manually. The link shown is a reflection of what is currently configured.
2. Select Define local network topology manually.
3. Click Select to show the full list of available networks and choose the relevant
checkboxes.
4. Click New if the existing list does not contain the networks you need. For information on
creating a new network object, see the Users & Objects > Network Objects page.
5. Click Apply
The Remote Access Local Encryption Domain window opens and shows the services
you selected.

Table of Contents

Related product manuals