UTM/VPN/SSL VPN-Roadwarrior

14.0.3

Zuletzt aktualisiert:

(06.2025)

12.7.3 12.6.2 12.5.1 12.4 12.2.2 12.2 11.8.7 11.7.1 11.7 11.6.12

notempty

Search Domain

Block Outside DNS

[[Datei: ]]

1

[[Datei: ]] 1

2

[[Datei: ]]

2

3


Name:	RW-Securepoint
	UDP
Port:	1194
\|\| CS-RW-Securepoint-Server \|\| notempty
	»192.168.175.0/24

[[Datei: ]]

3

4

[[Datei: ]]

4

5

[[Datei: ]]

5

[[Datei: ]]


		[[Datei: ]]
Name:	RW Securepoint
\|\| tun1 \|\|
Modus:	Server
	UDP (Default) TCP
Port:	1194
\|\| NONE LOCAL(Default) RADIUS Local OTP \|\|
\|\| CS-RW-Securepoint-Server \|\|
\|\| class=mw11 \| tls-authtls-crypt \|\|
notempty v12.6.1 \|\| SSL-VPN RW-Securepoint \|\|
\|\| AES-256-GCM \|\|
\|\| AES-256-GCM \|\|	Default BF-CBC DES-EDE-CBC DES-EDE3-CBC CAST5-CBC AES-128-CBC AES-192-CBC AES-256-CBC AES-128-GCM AES-192-GCM AES-256-GCM
\|\| SHA256 \|\|
\|\| SHA256 \|\|	Default SHA1 SHA224 SHA384 SHA512 whirlpool
\|\| \|\|
IPv4 Pool:	192.168.192.0/24
IPv6 Pool:	/64
\|\| \|\|
Search Domain:
Renegotiation:	1 (Default) 2 4 8 12



MTU:	1500	[[Datei: ]]
\|\| 1024 \|\|

\|\| \|\|
\|\| \|\|
Multihome:
LZO:
\|\| \|\|
Pass TOS:
\|\| 10 \|\|
\|\| 120 \|\|
\|\| 65536 Bytes \|\|
\|\| 65536 Bytes \|\|
\|\| 64 \|\|
\|\| 15 \|\|

	[[Datei: ]]

		[[Datei: ]]
Name:	SSL-VPN-RW-Network
\|\| \|\|
\|\| 192.168.192.0/24 \|\|
Zone:	vpn-ssl-RW-Securepoint
\|\| \|\|

			[[Datei: ]]

	SSL-VPN-RW-Network
	internal-network
	ms-rdp
	ACCEPT

		[[Datei: ]]

SSL-VPN
		[[Datei: ]]
	RW-Securepoint
\|\| \|\|
Remote Gateway:	192.0.2.192
Redirect Gateway:


\|\| RW-SSL-VPN \|\|
SSL-VPN			[[Datei: ]]
\|\| \|\|
Installer Portable Client

[[Datei: |hochkant=2|mini| ]]

'

SSL-VPN Client Installer

SSL-VPN Portable Client

[[Datei: |hochkant=2|mini| ]]

QoS

#				NAT	Logging
	internet	external-interface-ip3	openvpn-tcp	DN	3/Min	Accept
	internet	external-interface-ip2	https		3/Min	Accept

Troubleshooting

'

extc-Variable	Default
CONNECTION_RATE_LIMIT_TCP	0
CONNECTION_RATE_LIMIT_TCP_PORTS
CONNECTION_RATE_LIMIT_UDP	20 / 0
CONNECTION_RATE_LIMIT_UDP_PORTS		[ 1194 1195 ]


extc value get application securepoint_firewall spcli extc value get application securepoint_firewall \| grep RATE	application \|variable \|value --------------------+-------------------------------+----- securepoint_firewall \|… \|… \|CONNECTION_RATE_LIMIT_TCP \|0 \|CONNECTION_RATE_LIMIT_TCP_PORTS\| \|CONNECTION_RATE_LIMIT_UDP \|20 \|CONNECTION_RATE_LIMIT_UDP_PORTS\|
extc value set application securepoint_firewall variable CONNECTION_RATE_LIMIT_TCP value 20 system update rule
extc value set application securepoint_firewall variable CONNECTION_RATE_LIMIT_TCP value 0 system update rule
extc value set application securepoint_firewall variable CONNECTION_RATE_LIMIT_TCP_PORTS value [ 443 11115 ] system update rule
extc value set application securepoint_firewall variable CONNECTION_RATE_LIMIT_TCP_PORTS value [ ] system update rule
extc value set application securepoint_firewall variable CONNECTION_RATE_LIMIT_UDP value 20 system update rule
extc value set application securepoint_firewall variable CONNECTION_RATE_LIMIT_UDP value 0 system update rule
extc value set application securepoint_firewall variable CONNECTION_RATE_LIMIT_UDP_PORTS value [ 1194 1195 ] system update rule
extc value set application securepoint_firewall variable CONNECTION_RATE_LIMIT_UDP_PORTS value [ ] system update rule
extc value set application securepoint_firewall variable CONNECTION_RATE_LIMIT_TCP value 20 extc value set application securepoint_firewall variable CONNECTION_RATE_LIMIT_TCP_PORTS value [ 443 11115 ] extc value set application securepoint_firewall variable CONNECTION_RATE_LIMIT_UDP value 20 extc value set application securepoint_firewall variable CONNECTION_RATE_LIMIT_UDP_PORTS value [ ] system update rule