User Interface
R&S
®
GP-E/GP-S
107User Manual v16.2.1 ─ 01
Click " Activate" in the toolbar at the top of the desktop to apply your configuration
changes.
Only if the mail proxy has been activated, the other mail filter, antispam and antivirus
settings will have an impact. For more information, see Chapter 3.4.6.4, "Antispam Set-
tings", on page 103 and Chapter 3.4.6.5, "Antivirus Settings", on page 104.
If you use SSL inspection both in the mail filter and in firewall rules, you need to add
your CA to the truststore. For further information, see Chapter 4.9, "Setting Up the Mail
Filter with SSL Inspection", on page 152.
3.4.7 VPN
Use the " VPN" settings to configure gateprotect Firewall for use as a virtual private
network server to provide Client-to-Site (C2S) VPN connections, which enable remote
computers to securely access resources on the local network (via IPsec and
OpenVPN); and as a Site-to-Site (S2S) VPN gateway that creates a secure communi-
cation channel between two remote networks via the Internet (via IPsec and
OpenVPN).
Client-to-Site VPN Connections
With a Client-to-Site VPN connection a connection is made to the corporate network
from outside. Authentication is either effected with IPsec using issued certificates or a
so-called PSK (preshared key) or with OpenVPN using certificates.
Site-to-Site VPN Connections
With a Site-to-Site connection two locations are connected using an encoded tunnel to
a virtual network and exchanging data through this tunnel. The two locations can have
fixed IP addresses. Authentication is either effected with IPsec using issued certificates
or a so-called PSK (preshared key) or with OpenVPN using certificates.
IPsec
IPsec (Internet Protocol Security) is a set of protocols which works at the network layer
or the data link layer and secures the exchange of packets through untrusted networks
(such as the Internet) by authenticating and encrypting each IP packet of a communi-
cation session. IPsec meets highest security requirements.
IPsec connections can be operated in one of two modes, depending on the client set-
tings:
●
In split tunnel mode, only communication between the client and the internal net-
work (for example, a corporate network) is routed through gateprotect Firewall. Cli-
ents will be able to reach devices on the internal network through the tunnel. Pack-
ets intended for other destinations (such as the Internet) will not be routed through
gateprotect Firewall.
For example, suppose a user utilizes a remote access VPN software client con-
necting to a corporate network using a hotel wireless network. The user with split
Menu Reference
To Next Page
Loading...