USG firewall configure SSL VPN network extension

USG Firewall Configure SSL VPN to configure network extensions

Network expansion refers to the user on the local PC to install the USG network extension client, generate a virtual network card, the user through the virtual network card and enterprise intranet for SSL data communication.
Before the configuration to ensure that the license file has been loaded, the USG can access the internal network resources.
Configuration ideas:
1. In the USG to create a virtual gateway, external network users through this virtual gateway to access the enterprise network resources. The IP address of the virtual gateway is the public address of the egress.
2. Configure the DNS server address and domain name of the internal network so that users can access the virtual gateway's service through the domain name.
3. Configure the network extension function, assign IP addresses to the external network users and add the intranet resources that the external network users can access.
4. Configure the authentication mode as a certificate challenge (secondary authentication mode: VPNDB) and configure the authentication mode as VPNDB.
5. Add a VPNDB user. VPNDB user name that is the name of the client certificate, VPNDB password is the external network user login virtual gateway need to enter the password.
6. Configure the virtual gateway source IP policy.
7. Install the client certificate for the CA certificate on the PC side where you want to access the virtual gateway.

Scroll to top