ZyXEL Communications ZyWALL USG-Series - Setting an SSL VPN Rule Tutorial

ZyXEL Communications ZyWALL USG-Series

426 pages

To Next Page

To Next Page

To Previous Page

To Previous Page

Loading...

Chapter 29 SSL VPN

ZyWALL / USG (ZLD) CLI Reference Guide

201

29.2.2 Setting an SSL VPN Rule Tutorial

Here is an example SSL VPN configuration. The SSL VPN rule defines:

• Only users using the “tester” account can use the SSL VPN.

• The ZyWALL / USG will assign an IP address from 192.168.100.1 to 192.168.100.10 (defined in

object “IP-POOL”) to the computers which match the rule’s criteria.

• The ZyWALL / USG will assign two DNS server settings (172.16.1.1 and 172.16.1.2 defined in

objects DNS1 and DNS2) to the computers which match the rule’s criteria.

• The SSL VPN users are allowed to access the ZyWALL / USG’s local network, 172.16.10.0/24

(defined in object “Network1”).

1 First of all, configure 10.1.1.254/24 for the IP address of interface ge2 which is an external

interface for public SSL VPN to access. Configure 172.16.10.254/24 for the IP address of interface

ge3 which is an internal network.

2 Create four address objects for the SSL VPN DHCP pool, DNS servers and the local network for SSL

VPN authenticated users to access.

3 Create the SSL VPN user account named tester with password 1234.

4 Create an SSL VPN rule named SSL_VPN_TEST. Enable it and apply objects you just created.

Router(config)# interface ge2

Router(config-if-ge)# ip address 10.1.1.254 255.255.255.0

Router(config-if-ge)# exit

Router(config)# interface ge3

Router(config-if-ge)# ip address 172.16.10.254 255.255.255.0

Router(config-if-ge)# exit

Router(config)# address-object IP-POOL 192.168.100.1-192.168.100.10

Router(config)# address-object DNS1 172.16.5.1

Router(config)# address-object DNS2 172.16.5.2

Router(config)# address-object NETWORK1 172.16.10.0/24

Router(config)# username tester password 1234 user-type user

Router(config)# sslvpn policy SSL_VPN_TEST

Router(policy SSL_VPN_TEST)# activate

Router(policy SSL_VPN_TEST)# user tester

Router(policy SSL_VPN_TEST)# network-extension activate

Router(policy SSL_VPN_TEST)# network-extension ip-pool IP-POOL

Router(policy SSL_VPN_TEST)# network-extension 1st-dns DNS1

Router(policy SSL_VPN_TEST)# network-extension 2nd-dns DNS2

Router(policy SSL_VPN_TEST)# network-extension network NETWORK1

Router(policy SSL_VPN_TEST)# exit

Table of Contents

Other manuals for ZyXEL Communications ZyWALL USG-Series

User Guide150 pages

Quick Start Guide8 pages

Application Notes187 pages

Related product manuals

Preview: ZyXEL Communications ZyWall

ZyXEL Communications ZyWall

Preview: ZyXEL Communications ZYWALL 5

ZyXEL Communications ZYWALL 5

Preview: ZyXEL Communications ZYWALL 35

ZyXEL Communications ZYWALL 35

ZyXEL Communications ZyWALL 310

Preview: ZyXEL Communications ZyWall 110

ZyXEL Communications ZyWall 110

Preview: ZyXEL Communications ZyWALL 1100

ZyXEL Communications ZyWALL 1100

Preview: ZyWALL 2 Plus

Preview: ZyWall ATP series

ZyWall ATP series

Preview: ZYWALL USG 20

Preview: ZYWALL USG CLI

Preview: ZyWALL USG 100 Series

ZyWALL USG 100 Series