Allowing network access to external Web sites

Article:HOWTO81806  |  Created: 2012-10-25  |  Updated: 2014-09-21  |  Article URL http://www.symantec.com/docs/HOWTO81806
Article Type
How To

Subject


Allowing network access to external Web sites

One reason for using Client IP address ranges is to allow network access to external Web sites from within your internal network. If an organization has computers on the corporate network that go out through the Gateway Enforcer appliance to access Web sites on the Internet, such as Symantec or Yahoo, the internal clients can query the Internet. However, the Gateway Enforcer appliance tries to authenticate the Web sites trying to respond to the client request.

Therefore internal clients connecting to the Internet through the Gateway Enforcer appliance are unable to access the Internet unless you configure the Client IP address range.

The Client IP address range may be all the IP addresses a VPN server would assign to any client.

For example, an internal client can access the Internet if Client IP address range is configured. When an internal user contacts a Web site, the site can respond to the client because its IP address is outside the client IP address range. Therefore the internal user does not need to be authenticated.

See Adding client IP address ranges to the list of addresses that require authentication.


Legacy ID



v9514284_v81664632


Article URL http://www.symantec.com/docs/HOWTO81806


Terms of use for this information are found in Legal Notices