User manual

ZyWALL USG 300 User’s Guide
507
CHAPTER 26
SSL VPN
26.1 Overview
Use SSL VPN to allow users to use a web browser for secure remote user login
(the remote users do not need a VPN router or VPN client software.
26.1.1 What You Can Do in this Chapter
•Use the VPN > SSL VPN > Access Privilege screens (see Section 26.2 on
page 510) to configure SSL access policies.
•Use the Click VPN > SSL VPN > Global Setting screen (see Section 26.3 on
page 514) to set the IP address of the ZyWALL (or a gateway device) on your
network for full tunnel mode access, enter access messages or upload a custom
logo to be displayed on the remote user screen.
26.1.2 What You Need to Know
There are two SSL VPN network access modes: reverse proxy and full tunnel.
Reverse Proxy Mode
In reverse proxy mode, the ZyWALL is a proxy that acts on behalf of the local
network servers (such as your web and mail servers). As the final destination, the
ZyWALL appears to be the server to remote users. This provides an added layer of
protection for your internal servers.
With reverse proxy mode, remote users can easily access any web-based
applications on the local network by clicking on links or entering the provided URL.