How to configure SSL VPN when the USG firewall is connected to two lines

15

If the virtual gateway is exclusive, you can configure two virtual gateway addresses under a virtual gateway. Up to 3 IP addresses can be configured.
If the virtual gateway is a shared type, only one virtual gateway address can be configured under a virtual gateway. When a two-wire access is made, it is necessary to configure a virtual gateway for each line.

Other related questions:
The USG firewall configures the SSL VPN session timeout
By default, the SSL session timeout period is 5 minutes. The timeout time configuration command is ssl timeout. system-view [sysname] v-gateway abc [sysname-abc] basic [sysname-abc-basic] ssl timeout 10

The USG firewall configures SSL VPN file shares
The USG firewall configures SSL VPN file shares The main function of file sharing is to share the resources of different system servers (such as Windows systems that support SMB protocol, Linux systems that support NFS protocol) in the form of web pages. Before the configuration to ensure that the license file has been loaded, the USG can access the internal network resources. Configuration steps: 1. In the USG to create a virtual gateway, external network users through this virtual gateway to access the enterprise network resources. 2. Configure the DNS server address and domain name of the internal network so that users can access the virtual gateway's service through the domain name. 3. Configure file sharing, add file type resources for SMB type and NFS type. 4. Configure the authentication and authorization function.

USG firewall configure SSL VPN network extension
USG Firewall Configure SSL VPN to configure network extensions Network expansion refers to the user on the local PC to install the USG network extension client, generate a virtual network card, the user through the virtual network card and enterprise intranet for SSL data communication. Before the configuration to ensure that the license file has been loaded, the USG can access the internal network resources. Configuration ideas: 1. In the USG to create a virtual gateway, external network users through this virtual gateway to access the enterprise network resources. The IP address of the virtual gateway is the public address of the egress. 2. Configure the DNS server address and domain name of the internal network so that users can access the virtual gateway's service through the domain name. 3. Configure the network extension function, assign IP addresses to the external network users and add the intranet resources that the external network users can access. 4. Configure the authentication mode as a certificate challenge (secondary authentication mode: VPNDB) and configure the authentication mode as VPNDB. 5. Add a VPNDB user. VPNDB user name that is the name of the client certificate, VPNDB password is the external network user login virtual gateway need to enter the password. 6. Configure the virtual gateway source IP policy. 7. Install the client certificate for the CA certificate on the PC side where you want to access the virtual gateway.

The USG firewall configures the SSL VPN port for forwarding
The USG firewall configures the SSL VPN port for forwarding The port forwarding service is a secure application that provides TCP-based applications and is a non-Web application. Port forwarding controls user access at the application level to control the availability of services for various applications. Before the configuration to ensure that the license file has been loaded, the USG can access the internal network resources. Configuration step: 1. In the USG to create a virtual gateway, external network users through this virtual gateway to access the enterprise network resources. 2. Configure the DNS server address and domain name of the internal network so that users can access the virtual gateway's service through the domain name. 3. Configure the port forwarding function. 4. Configure the server to add users who need access to the relevant groups. 5. Configure the authentication and authorization function on the firewall. 6. Configure Group Policy to allow group users to access the associated server. 7. Configure the user destination IP policy to restrict users from accessing other intranet resources.

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top