目 录
一、初始化设置 ............................................................................................................. 2
1.1、通过Console连接SSL VPN ...................................................................... 2 1.2、填写初始化信息 ................................................................................................ 2 1.3、使用浏览器连接SSL VPN ............................................................................ 4
二、SSL VPN基本设置 ............................................................................................. 4
2.1、网络接口设置 .................................................................................................... 4 2.2、设置SSL VPN的License ............................................................................ 5 2.3、添加用户认证服务器 ....................................................................................... 6 2.4、添加认证用户 .................................................................................................... 8 2.5、添加SSL VPN的认证域 ............................................................................. 10
三、角色映射和功能模块 ...................................................................................... 11
3.1、添加角色 ........................................................................................................... 11 3.2、角色映射 ........................................................................................................... 13 3.3、功能模块 ........................................................................................................... 15
四、使用SSL VPN的各个功能模块 ............................................................... 16
4.1、使用Core功能模块 ...................................................................................... 17 4.2、使用SAM功能模块 ...................................................................................... 18 4.3、使用Network Connect模块 ...................................................................... 22
五、资源访问控制 ...................................................................................................... 24
5.1、Core和SAM的资源访问控制 .................................................................. 25 5.2、SAM和NC的资源访问控制 ..................................................................... 26
六、设备管理 ................................................................................................................. 27
6.1、系统概览 ........................................................................................................... 27 6.2、日志系统 ........................................................................................................... 27 6.3、系统升级 ........................................................................................................... 29 6.4、设备排除 ........................................................................................................... 30
一、初始化设置
1.1、通过Console连接SSL VPN
SSL VPN的初始化是通过设备的Console端口完成的,Console的设置如下:9600,8,N,1。
在管理员的计算机上使用任意终端软件,包括HyperTerminal,Crt,SecureCrt等等都行。把设备的Console线连接至SSL VPN的Console端口,开启电源开关,通过终端软件就能观察到设备启动自检的过程。 1.2、填写初始化信息
当系统自检到如下信息时:
Welcome to the initial configuration of your server!
NOTE: Press 'y' if this is a stand-alone server or the first machine in a clustered configuration.
If this is going to be a member of an already running cluster
press n to reboot. When you see the 'Hit TAB for clustering options' message press TAB and follow the directions. Would you like to proceed (y/n)?: y(选择Y)
Note that continuing signifies that you accept the terms of the Neoteris license agreement. Type \license agreement (the text is also available at any time from the License tab in the Administrator Console).
Do you agree to the terms of the license agreement (y/n/r)?: y(选择Y)
初始化网络信息:
Please provide ethernet configuration information IP address: 192.168.0.190
Network mask: 255.255.255.0 Default gateway: 192.168.0.254
(填入用户需要的IP地址,掩码和网关等信息。
注意:所有网络信息都会设置到SSL VPN的 Internal Interface上) Link speed [Auto]: 0) Auto
1) 1000 Mb/s, Full Duplex 2) 1000 Mb/s, Half Duplex 3) 100 Mb/s, Full Duplex 4) 100 Mb/s, Half Duplex
5) 10 Mb/s, Full Duplex 6) 10 Mb/s, Half Duplex Select 0-6: 0(选择用户需要的速率)
Please provide DNS nameserver information: Primary DNS server: 202.106.0.20
Secondary (optional): 202.99.8.1(填入用户需要的DNS地址,可以是内部的DNS服务器的IP地址)
DNS domain(s): juniper.net(填入用户需要的域名,无特别限制) Please provide Microsoft WINS server information: WINS server (optional):
确认初始化信息:
Please confirm the following setup: IP address: 192.168.0.190 Network mask: 255.255.255.0 Gateway IP: 192.168.0.254 Link speed: Auto
Primary DNS server: 202.106.0.20 Secondary DNS: 202.99.8.1 DNS domain(s): juniper.net WINS server:
Correct? (y/n): y(确认无误后,选择Y)
初始化安全信息:
Admin username: admin Password:
Confirm password:
The administrator was successfully created.(填入用户设定的管理员帐号和密码)
设置SSL VPN自签证书:
Please provide information to create a self-signed Web server digital certificate. Common name (example: secure.company.com): timerwell.juniper.net Organization name (example: Company Inc.): juniper (这个部分输入用户的证书信息,无特殊限制)
Please enter some random characters to augment the system's random key generator. We recommend that you enter approximately thirty characters.
Random text (hit enter when done): dkfjlkkjffieejjkdnfkkfjiiiffoperjoootpqe454646 (这个部分输入30个左右的字符以产生证书) Creating self-signed digital certificate...
The self-signed digital certificate was successfully created.
Congratulations! You have successfully completed the initial set up of your server. (当您看到这句话时证明你已经成功的初始化SSL VPN了) https://
Example: https:// 192.168.0.190/admin
(按照上述的提示,管理员可以通过URL https://192.168.0.190/admin来管理设备啦)
1.3、使用浏览器连接SSL VPN
如下图:
在这个Web页面中填入刚刚建好的管理员帐号和密码就可以登陆到SSL VPN进行管理啦,至此SSL VPN初始化过程完毕。
二、SSL VPN基本设置
2.1、网络接口设置
在初始化过程中我们设置了SSL VPN的Internal Interface,接下来我们设
置External Interface。
在浏览器上点击“Network--?External Port--?Setting”得到下图:
在上图中,填入相应的External Port设置,即完成了SSL VPN的网络初始
设置。
2.2、设置SSL VPN的License
SSL VPN要正常工作,必须要有合适的License,所以给SSL VPN添加
License是必不可少的。
在浏览器上点击“Configuration--?Licensing”得到下图:
百度搜索“77cn”或“免费范文网”即可找到本站免费阅读全部范文。收藏本站方便下次阅读,免费范文网,提供经典小说教育文库juniper-四层VPN SSL-VPN WEB-VPN配置参考(图文讲解)在线全文阅读。
相关推荐: