R2511-HP MSR Router Series Web-Based Configuration Guide(V5)
vii
Configuring IPsec VPN ················································································································································ 1
Overview ············································································································································································ 1
Recommended configuration procedure························································································································· 1
Configuring an IPsec connection ····································································································································· 2
Displaying IPsec VPN monitoring information ··············································································································· 9
IPsec VPN configuration example ································································································································ 10
Configuration guidelines ··············································································································································· 12
Configuring L2TP ························································································································································ 14
Enabling L2TP ································································································································································· 15
Adding an L2TP group ·················································································································································· 15
Displaying L2TP tunnel information ······························································································································ 21
Client-initiated VPN configuration example ················································································································ 21
Configuring GRE ························································································································································ 26
Overview ········································································································································································· 26
Configuring a GRE over IPv4 tunnel ···························································································································· 26
Recommended configuration procedure ············································································································· 26
Creating a GRE tunnel ·········································································································································· 26
GRE over IPv4 tunnel configuration example ·············································································································· 28
SSL VPN overview ······················································································································································ 35
How SSL VPN works ······················································································································································ 35
Advantages of SSL VPN ················································································································································ 36
Configuring SSL VPN gateway ································································································································· 37
Recommended configuration procedure······················································································································ 37
Configuring the SSL VPN service ································································································································· 38
Configuring Web proxy server resources ··················································································································· 40
Configuring TCP application resources ······················································································································· 42
Configuring a remote access service resource ··································································································· 43
Configuring a desktop sharing service resource ······························································································· 44
Configuring an email service resource ··············································································································· 45
Configuring a Notes service resource ················································································································· 46
Configuring a common TCP service resource ···································································································· 48
Configuring IP network resources ································································································································· 49
Recommended configuration procedure ············································································································· 49
Configuring global parameters ···························································································································· 49
Configuring host resources ··································································································································· 50
Configuring a user-IP binding ······························································································································ 52
Configuring a predefined domain name ············································································································ 53
Configuring a resource group ······································································································································ 54
Configuring local users ·················································································································································· 56
Adding a local user manually ······························································································································ 56
Importing local users in bulk ································································································································ 58
Configuring a user group ·············································································································································· 59
Viewing user information ·············································································································································· 61
Viewing online user information ·························································································································· 61
Logging out an online user ··································································································································· 61
Viewing history user information ························································································································· 61
Performing basic configurations for the SSL VPN domain ························································································· 62
Configuring the domain policy ···························································································································· 62
Configuring the caching policy ··························································································································· 64
Configuring a bulletin ··········································································································································· 64
Configuring authentication policies ····························································································································· 65
Configuring local authentication ························································································································· 66