4).
Designing & Planning??¦
Private IP vs. Corporate IP Address Pool
When you are planning the IP ranges to use for the IP pool, it is important to
think about the level of access you want to provide to the users of the Network
Connector. If you select Corporate, it is an easier confi guration as you have
more options regarding Internet access and additional networks. There is also
signifi cantly less router and fi rewall confi guration required, since the addresses
are already set up on your corporate network and fi rewalls. The trade off is
you get less security, because clients will be assigned IP addresses on your
corporate network. If you are unable to modify the corporate network routing
and fi rewalls to support the private address pool, this is generally a preferred
confi guration. You would then also select split tunneling under Internet access
on the Access Control tab. This confi guration allows the users of the Network
Connector access to the corporate network applications without the risk of
them having access to your entire network traffi c, and routing their Internet
traffi c through your corporate network. If you are unable to make the network
routing and fi rewall changes required for a private address pool or are
interested in a simpler confi guration, selecting Corporate IP Address pool is
the best option.
368 Chapter 10 ??? Confi guring Virtual Private Network Traffi c
Additional Networks
The Additional Networks tab is where you would select any other networks that should
be available to the Network Connector clients when they connect to the Network
Connector SSL VPN.
Pages:
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364