Loading...

SnapProtect VPN: Options

This page provides help content for dialog boxes in the VPN Config tab of the Network Properties for Client dialog box. These include:

  • VPN Client (including its Add and Edit functions)
  • VPN Router (including Allow and Deny lists, with their Add and Edit functions)
  • Remote Client Access (with its Add function)

VPN Client

Use this dialog box to configure the VPN Client feature on a client computer. VPN Client enables the computer to be used to access resources that are available on an internal network that supports a virtual private network tunnnel connection.

Enable VPN client on this computer
Select this option to enable the client to use the VPN Client feature.

Rules

The Rules area shows the routing rules that are currently defined for the client.

Available operations include:

Add
Add a new rule to the list by clicking Add.
Edit
Change a rule that is already in the list by selecting the rule, then clicking Edit.
Remove
Remove a rule that is already in the list, by selecting the rule, then clicking Remove.
Move
Move a rule that is already in the list by selecting the rule, then clicking the up or down arrows to the right of the list. Rules are evaluated in top-to-bottom order, and the first match is used.

VPN Client Configuration

This dialog box provides these options:

Condition

Host matches pattern
Select this option when you want to route based on matching a pattern to a destination, then enter the pattern in the box.
Host is locally resolvable
Select this option when you want to route based on your local DNS information.

Router

Forward to VPN Router
Select this option to route to hosts that match the above pattern through an available VPN router, then select a router name from the list.
Connect directly
Select this option to connect directly to hosts that match the pattern, rather than going through a VPN router.

VPN Router

Use this tab to designate a client or client group as a VPN Router and to configure allow and deny lists for users using specific clients. Groups are shown in bold face.

This client works as a VPN router
Select this option to enable the client or client group to provide VPN router services. Note: If you select this option, you cannot leave the Allow List empty.
Allow List
This area shows the rules currently defined for allowing users to connect to services provided from the internal network.
Options available for the Allow List include:
  • Add: Add a new rule to the list.
  • Edit: Change a rule that is already in the list by selecting the rule, then clicking this button.
  • Remove: Delete a rule that is already in the list by selecting the rule, then clicking this button.
Deny List
This area shows the rules currently defined for preventing users from connecting to services provided from the internal network.
Options available for the Allow List include:
  • Add: Add a new rule to the list.
  • Edit: Change a rule that is already in the list by selecting the rule, then clicking this button.
  • Remove: Delete a rule that is already in the list by selecting the rule, then clicking this button.

VPN Router Access Control Entry

Use this dialog box to add or change entries in the VPN Router Allow List or Deny List.

User or User Group
This list displays the current list of users and/or user groups that the rule applies to.
Client or Client Group
This list displays the current list of clients and/or client groups that the rule applies to.
Destination
Use this area to set the destinations that the user-client combinations can reach. Options include:
  • All Hosts in LAN: Selecting this option allows reaching all hosts within the local area network.
  • IPs: Select this option to control access by entering IP address information. Wildcards are supported, as are CIDR values for subnetting.
  • Hosts: Select this option to control access by entering host names. Separate multiple names by commas.
Destination Ports
Use this area to set the ports that the user-client combinations can reach. Enter single ports or ranges, separated by commas, as indicated.-

Add User, User Group, Client or Client Group

This dialog lets you select an entity to add to a list.

Search
Type characters in this list to filter the entries it shows. As you type, the list updates with user names that contain those characters.
Select
Click on names in the list. Multi-selection using the CTRL and SHIFT keys is supported.

Add New User Groups

This dialog lets you select an external group name to add to a Users and User Groups list.

Select a Domain
Click on the list and select a domain from which to add a group.
Available External Groups
Click on the list and select a name. Multi-selection using the CTRL and SHIFT keys is supported.

Remote Client Access

Use this dialog box to configure Remote Client Access parameters.

Allow connecting to this client's services across firewall via proxy
To enable remote client access on this client, select this option, then select a proxy server from the list.

Services

Select one or more services that clients can access when connecting to this client.

Users

Options in the Users area include the ones listed here.

Any owner of this client
To allow all users who are listed as this client's owners to remotely access the client, select this option.
Specify users and/or user groups
To allow users who are not owners of the client to remotely access the client, select this option, then click Add to select users and add them to the User/Group list. Highlight entries in the list and click Remove to delete entries.