Filter
Top Products
SSL VPN > Client Routes
943
SonicOS 5.8.1 Administrator Guide
SSL VPN > Client Routes
The SSL VPN > Client Routes page allows the administrator to control the network access
allowed for SSL VPN users. The NetExtender client routes are passed to all NetExtender
clients and are used to govern which private networks and resources remote user can access
via the SSL VPN connection.
The following tasks are configured on the SSL VPN > Client Routes page:
• “Configuring Tunnel All Mode” section on page 943
• “Adding Client Routes” section on page 944
Configuring Tunnel All Mode
Select Enabled from the Tunnel All Mode drop-down list to force all traffic for NetExtender
users over the SSL VPN NetExtender tunnel—including traffic destined for the remote user’s
local network. This is accomplished by adding the following routes to the remote client’s route
table:
NetExtender also adds routes for the local networks of all connected Network Connections.
These routes are configured with higher metrics than any existing routes to force traffic
destined for the local network over the SSL VPN tunnel instead. For example, if a remote user
is has the IP address 10.0.67.64 on the 10.0.*.* network, the route 10.0.0.0/255.255.0.0 is
added to route traffic through the SSL VPN tunnel.
Note To configure Tunnel All Mode, you must also configure an address object for 0.0.0.0, and
assign SSL VPN NetExtender users and groups to have access to this address object.
IP Address Subnet mask
0.0.0.0 0.0.0.0
0.0.0.0 128.0.0.0
128.0.0.0 128.0.0.0