NeoAccel SSL VPN-Plus™ SGX Installation Guide

Download Report

Transcript NeoAccel SSL VPN-Plus™ SGX Installation Guide

NeoAccel SGX Installation Guide
Dear Customer:
We are pleased to provide you with our training presentation for our SSL
VPN-Plus installing and license configuration to help you with your
deployment.
--The NeoAccel Support Team
© 2007 NeoAccel, Inc.
Table of Contents
SGX Installation Guide
License Upgrade Guide
© 2007 NeoAccel, Inc.
page 3
page 13
SGX Installation Guide
NeoAccel SSL VPN-Plus™
© 2007 NeoAccel, Inc.
Prerequisites to Get Started
• SSL VPN-Plus SGX Appliance(s)
• SGX-800
• SGX-1200
• SGX-2400
• A Desktop or Laptop connected to same switch as
the SGX appliance
• Management Console
• Require JRE 1.4.2 or above on administrator’s PC
• SSL VPN-Plus Access Terminals
• WAT: IE 5.0 & above, Firefox, Safari, NetScape
• QAT: Windows 2000 & above
• PHAT: Windows 2000 & Above, WinCE 5.0 & above Red Hat
9.0, Red Hat EL 3, Knoppix, Debian, MAC OSX 10.3, 10.4, 10.5
4
Powering ON the device
• Connect the power cable. Connect network cable
to eth0
Eth0: 192.168.10.230
SGX800
Eth0: 192.168.10.230
SGX1200
Eth0: 192.168.10.230
SGX2400
5
Connecting to the Gateway
• Power on the SGX appliance
• Connect a desktop to same switch the SGX is
connected to OR use a cross over cable to directly
connect to eth0 port on SGX
• Add one additional IP address to your desktop,
say 192.168.10.200
• If ping is allowed in network, try ping to
192.168.10.230.
6
Access Management Console
Open the default browser on your machine and visit the following URL to open the
SSL VPN-Plus Management Console
https://192.168.10.230/sslvpn-plus/nmc
Default credentials are admin/admin.
If your desktop does not have Java 1.4.2 or above, it will redirect you to download Java on your machine.
7
Networking Setup
• Go to INTERFACE screen and change the IP
address as per your network
• If you want to connection the SSL VPN-Plus
appliance in dual ARM mode
• Select eth1 as “private network”
• Say apply to apply changes
• Uncheck “single ARM mode” for neoeth0
• Say apply to apply changes
• For any other routing changes, please create
routers from ROUTE screen
8
Licensing Setup
• NeoAccel runs an online license server to provide
license to customers
• You need SSN (Software Serial Number) and
password to get a license from license server
• To get a license of SSL VPN-Plus, open
management console and go to LICENSE screen.
• Follow the instructions on screen to get/update
license
• Please refer to attached “Licensing guide” for
more details.
9
Deployment Options
Single ARM Mode in
DMZ
Parallel to Firewall
Internal
Workstation
Internal
Workstation
Internal Server
Internal Server
Internal Network
External Firewall
Internal Network
External Firewall
eth1
eth1
Internet
Internet
Router
SSL VPN-Plus
Gateway
Internet
10
Internet
Router
eth0
SSL VPN-Plus
Gateway
Deployment Options
Internal DMZ
External DMZ
Internal
Workstation
Internal
Workstation
Internal Server
Internal Server
Internal Network
Internal Network
External Firewall
External Firewall
Firewall: DMZ
eth1
Firewall: DMZ
eth1
eth0
Internet
Internet
Router
eth0
Internet
SSL VPN-Plus
Gateway
11
Internet
Router
SSL VPN-Plus
Gateway
Access SSL VPN-Plus Portal
• Open URL: https://<WAN side IP address of
gateway machine>/sslvpn-plus/
• Example: https://vpn.corporate.net/sslvpn-plus/
12
NeoAccel SSL VPN-Plus
License Upgrade Guide
© 2007 NeoAccel, Inc.
SSL VPN-Plus Licensing
• Licensing based upon
• Number of days
• Maximum concurrent users
• SSL VPN-Plus features
•Two types of licenses
• Registered: Variable parameters
• Evaluation: 30 days, max 25 users
• Global license server:
https://utils.sslvpn-plus.net/sslvpn-plus/users/
• License management through management console
14
Prerequisites
• You need the Software Serial Number (SSN) and
password to access NeoAccel License Server
• The SSN no. and password are specified on the
one page main document you have got with the
appliance.
• If you need any help with licensing write to
[email protected] or call Technical Support at
+1.408.436.1000
• To get the license you need Internet connectivity
from your desktop from where you are logged on
to NeoAccel management Console.
15
#1: Open Management Console
Login into Management console
16
#2: Visit License Management Screen
Go to License management
screen. If license has expired, a
warning message will be shown
17
#3: Update License
Click on update button to update
license
Enter your SSN No. and click OK to
generate license request.
18
#4: License Request Generated
Click on “copy to Clipboard” to
copy the license request string
displayed in the control
Click on “Open License Server to
go to NeoAccel License Server
19
#5: Visit License Server
A new browser window is opened
in the default browser.
If you have Firefox set as default
browser, please copy the URL in
the address bar and use Internet
Explorer to open the license server
page.
Enter your SSN and password to
enter license server
20
#6: License Request Posting Page
You need to copy the license
request from management console
here.
21
#7: Post License Request
Copy the license request from
management console to license
server page.
Click on submit button to generate
license key.
22
#8: License Key is Generated
This is your license key which you
need to copy to management
console screen.
23
#9: Apply License Key
Copy the license key from license
server page to management
console.
Click Ok button to apply the
license
24
#10: License is Updated
Updated license information is
displayed here.
25
Contact NeoAccel
LICENSE SUPPORT
email: [email protected]
phone: 408.436.1000
TECHNICAL SUPPORT
email: [email protected]
phone: 408.436.1000
CORPORATE HEADQUARTERS
NeoAccel, Inc.
4340 Stevens Creek Blvd, Suite 275
San Jose, CA 95129 USA
TEL: +1 408 274 8000
FAX: +1 408 274 8044
EMAIL [email protected]
26