1537| 7
|
H3C安全配置指导-SSL VPN配置详解 91页H3C官方VPN技术文档 |
H3C安全配置指导-SSL VPN配置详解 91页H3C官方VPN技术文档 目 录 1 SSL VPN ··········································································································································· 1-1 1.1 SSL VPN简介 ···································································································································· 1-1 1.2 SSL VPN的优点 ································································································································ 1-2 2 命令行方式配置SSL VPN ·················································································································· 2-1 2.1 配置准备 ············································································································································ 2-1 2.2 配置SSL VPN ···································································································································· 2-1 2.3 SSL VPN典型配置举例 ····················································································································· 2-2 3 Web方式配置SSL VPN网关 ··············································································································· 3-1 3.1 配置PKI ············································································································································· 3-2 3.1.1 PKI配置任务简介 ···················································································································· 3-2 3.1.2 新建PKI实体 ··························································································································· 3-5 3.1.3 新建PKI域 ······························································································································· 3-6 3.1.4 生成RSA密钥对 ······················································································································ 3-9 3.1.5 销毁RSA密钥对 ······················································································································ 3-9 3.1.6 获取和查看证书 ···················································································································· 3-10 3.1.7 申请本地证书 ························································································································ 3-11 3.1.8 获取和查看CRL ···················································································································· 3-12 3.2 配置SSL VPN服务··························································································································· 3-13 3.3 配置Web代理服务器资源 ················································································································ 3-14 3.4 配置TCP应用资源 ··························································································································· 3-16 3.4.1 配置远程访问服务资源 ········································································································· 3-17 3.4.2 配置桌面共享服务资源 ········································································································· 3-18 3.4.3 配置电子邮件服务资源 ········································································································· 3-19 3.4.4 配置Notes邮件服务资源 ······································································································· 3-21 3.4.5 配置通用TCP服务资源 ········································································································· 3-22 3.5 配置IP网络资源 ······························································································································· 3-24 3.5.1 配置全局参数 ························································································································ 3-24 3.5.2 配置主机资源 ························································································································ 3-26 3.5.3 配置固定IP ···························································································································· 3-28 3.5.4 配置预置域名 ························································································································ 3-29 3.6 配置资源组 ······································································································································ 3-30 3.7 配置本地用户 ··································································································································· 3-31 3.7.1 手工配置本地用户 ················································································································· 3-31 3.7.2 批量导入本地用户 ················································································································· 3-34 3.8 配置用户组 ······································································································································ 3-35 3.9 查看用户信息 ··································································································································· 3-37 3.9.1 查看在线用户信息 ················································································································· 3-37 3.9.2 将在线用户强制下线 ············································································································· 3-37 3.9.3 查看历史用户信息 ················································································································· 3-37 3.10 配置域基本策略 ····························································································································· 3-38 3.10.1 配置域策略 ·························································································································· 3-38 3.10.2 配置缓存策略 ······················································································································ 3-39 3.10.3 配置公告 ····························································································································· 3-40 3.11 配置认证策略 ································································································································· 3-41 3.11.1 配置本地认证 ······················································································································ 3-42 3.11.2 配置RADIUS认证················································································································ 3-42 3.11.3 配置LDAP认证 ···················································································································· 3-48 3.11.4 配置AD认证 ························································································································ 3-50 3.11.5 配置组合认证 ······················································································································ 3-51 3.12 配置安全策略 ································································································································· 3-52 3.13 配置用户界面定制 ························································································································· 3-55 3.13.1 配置用户界面部分定制 ······································································································· 3-57 3.13.2 配置用户界面完全定制 ······································································································· 3-59 4 用户访问SSL VPN ····························································································································· 4-1 4.1 登录SSL VPN服务界面 ····················································································································· 4-1 4.2 使用SSL VPN资源····························································································································· 4-3 4.3 查看帮助信息 ····································································································································· 4-3 4.4 修改登录密码 ····································································································································· 4-4 5 SSL VPN典型配置举例 ······················································································································ 5-1 5.1 组网需求 ············································································································································ 5-1 5.2 配置步骤 ············································································································································ 5-2 5.2.1 配置SSL VPN服务 ·················································································································· 5-2 5.2.2 配置SSL VPN访问资源 ··········································································································· 5-5 5.2.3 配置SSL VPN用户 ················································································································ 5-11 5.2.4 配置SSL VPN域 ···················································································································· 5-14 5.3 配置结果验证 ··································································································································· 5-17
购买主题
本主题需向作者支付 5 金币 才能浏览
| |
发表于 2014-3-16 11:53:10
|
显示全部楼层
| ||
发表于 2014-3-24 18:56:06
|
显示全部楼层
| ||
发表于 2015-10-1 09:02:19
|
显示全部楼层
| ||
发表于 2016-12-29 22:52:46
|
显示全部楼层
| ||
发表于 2016-12-30 06:35:01
|
显示全部楼层
| ||
发表于 2016-12-30 09:21:43
|
显示全部楼层
| ||