196 | SRA
6.0
Administrator’s
Guide
policy for a specific service (for example RDP) will take precedence over a policy that
applies to all services.
User policies take precedence over group policies and group policies take precedence over
global policies, regardless of the policy definition. A user policy that allows access to all IP
addresses will take precedence over a group policy that denies access to a single IP
address.
To add NetExtender client routes, perform the following steps:
Step 1
Navigate to the
NetExtender
>
Client Routes
page.
Step 2
Select
Enabled
from the
Tunnel All Mode
drop-down list to force all traffic for this user—
including traffic destined to the remote users’ local network—over the SRA NetExtender tunnel.
Step 3
Click the
Add Client Route
button. The
Add Client Route
dialog box displays.
Step 4
In the
Add Client Route
dialog box, in the
Destination Network
field, type the IP address of
the trusted network to which you would like to provide access with NetExtender. For example,
if you are connecting to an existing DMZ with the network 192.168.50.0/24 and you want to
provide access to your LAN network 192.168.168.0/24, you would enter 192.168.168.0.
You can enter an IPv6 route in the
Destination Network
field, in the form 2007::1:2:3:0.
Step 5
For an IPv4 destination network, type the subnet mask in the
Subnet Mask/Prefix
field using
decimal format (255.0.0.0, 255.255.0.0, or 255.255.255.0). For an IPv6 destination network,
type the prefix, such as 112.
Step 6
Click
Add
.
Step 7
Repeat this procedure for all necessary routes.
NetExtender User and Group Settings
Multiple range and route support for NetExtender enables network administrators to easily
segment groups and users without the need of configuring firewall rules to govern access. This
user segmentation allows for granular control of access to the network—allowing users access
to necessary resources while restricting access to sensitive resources to only those who
require it. This section contains the following subsections:
•
“Configuring User-Level NetExtender Settings” section on page 196
•
“Configuring Group-Level NetExtender Settings” section on page 200
Configuring User-Level NetExtender Settings
All of the global settings for NetExtender (IP address ranges, DNS settings, client routes, and
client connection settings) can be configured at the user and group levels. Multiple range and
route support for NetExtender enables network administrators to easily segment groups and
users without the need of configuring firewall rules to govern access. This user segmentation
allows for granular control of access to the network—allowing users access to necessary
resources while restricting access to sensitive resources to only those who require it.
To configure custom settings for individual users, perform the following steps:
Содержание PowerEdge 4200 Series
Страница 1: ... 1 SRA 6 0 Administrator s Guide ...
Страница 10: ...10 SRA 6 0 Administrator s Guide ...
Страница 128: ...128 SRA 6 0 Administrator s Guide ...
Страница 176: ...176 SRA 6 0 Administrator s Guide ...
Страница 190: ...190 SRA 6 0 Administrator s Guide ...
Страница 212: ...212 SRA 6 0 Administrator s Guide ...
Страница 228: ...228 SRA 6 0 Administrator s Guide ...
Страница 342: ...342 SRA 6 0 Administrator s Guide ...
Страница 356: ...356 SRA 6 0 Administrator s Guide ...
Страница 358: ...358 SRA 6 0 Administrator s Guide ...
Страница 392: ...392 SRA 6 0 Administrator s Guide ...
Страница 416: ...416 SRA 6 0 Administrator s Guide ...
Страница 426: ...426 SRA 6 0 Administrator s Guide ...
Страница 436: ...436 SRA 6 0 Administrator s Guide ...
Страница 438: ...438 SRA 6 0 Administrator s Guide ...
Страница 439: ... 439 ...
Страница 440: ......