Search Results

This VPN protocol is preferable and recommended for all usage scenarios.Instructions for setting up VPN connections on different operating systems are available here.  Setting up VPN Server in SafeUTM To enable authorization by IKEv2, check the correspon...

SSTP (Secure Socket Tunneling Protocol) is a protocol of secure traffic tunneling based on SSL/TLS. It is supported by Windows OS Vista and above, as well as Mikrotik, Keenetic routers, and others. If possible, do not use this type of connection. This conne...

If possible, do not use this type of connection. This connection method can be unstable, has huge redundancy, has low performance, and does not support the strongest encryption. IPsec-IKEv2 is recommended instead.All modern operating systems support IKEv2, o...

To quickly configure user connections, you can enable access to the SafeUTM web interface. In the personal account accessible with the use of SafeUTM accounts details (local or domain, in case of integration with Active Directory), users will be able to dow...

If VPN is required only to access local network resources If you need to access the Internet directly through your provider, and you need to use a VPN only to access corporate network resources on computers connected via VPN, you need to configure the follo...

Use ready-made scripts downloaded from your server to create a VPN connection in Windows versions 8.1 and 10. If you are using Windows 7, you must create the connection manually (see Manually create user-side VPN connections). Which VPN protocol should I...

The section allows you to bind a specific IP address for a specific user for VPN connections. If you create a fixed binding for any user, then only one active VPN session will be possible for this user. For example, you have a host on a local network that ...

This type of authorization allows you to create an authorization rule for a specific UTM user from a specific subnet In order not to register each device as a separate UTM user and not to fix authorization factors for it, you can use Subnet Authorization. ...

SafeUTM provides the possibility of one-way synchronization with a domain based on Microsoft Active Directory. Only accounts are imported, excluding passwords. When the user undergoes the authorization procedure, verification is carried out by means of Acti...

Import accounts from Active Directory, see Import of Users for details. Setting up user authorization For users imported from Active Directory, all types of user authorization are available. The most commonly used user authorization options are Single Si...

Go to the tab Users -> Active Directory. Click Add. Fill in the following fields: Domain: enter the full domain name (domain DNS name, i.e., domain name, not domain controller). Maximum 64 characters. For example, mydomain.example AD DNS server...

Authorization and de-authorization of users are possible in fully automatic mode. For that, you need to configure scripts executed when users log on and log out of the system. For example, it can be done using domain group policies (GPOs). For these scripts ...

Import of Accounts from LDAP SafeUTM implements the possibility to import accounts from the Active Directory LDAP directory (hereinafter referred to as AD). Import is carried out by LDAP/LDAPS protocols (LDAPS protocol does not require additional settings f...

Automatic creation of a user with authorization by IP address for a device trying to access the internet via SafeUTM. Netscan creates MAC authorization for local addresses on a single Ethernet segment. If the device is located on a local network behind a ro...

Configuring access point and router modes. In the current version, SafeUTM does not support Wi-Fi adapters. For wireless clients to work, it is necessary to use special wireless access points or Wi-Fi routers. To access the internet, users connected via Wi...

This section contains data about users authorized on the server, interfaces, and CPU utilization, as well as traffic data in real-time. Authenticated users The full list of users authenticated in UTM can be viewed as a table in the section Monitoring -> ...

Contains general statistics on authorized users, the number of VPN connections, CPU and disk usage, etc. This module allows you to view graphs about the state of UTM in real-time. The horizontal scale of the graph is always time (depending on the selected i...

The section Monitoring -> Traffic Monitor displays data about traffic (inbound/outbound, speed, number of sessions) passing through SafeUTM in real-time. In order to enable traffic monitoring, you need to launch the Application Control module. By nodes of ...

To switch the section to working mode, switch the slider to the On position. This module allows you to monitor the operation of SafeUTM using the SNMP protocol versions 1/2c and 3. To do this, you need to configure the login, password, and encryption key. ...

Enabling this module makes it possible to transfer all SafeUTM system messages (Syslog) to third-party collectors (Syslog Collector) or to SIEM systems. Forwarding System Messages Any private (local) or public (external) IP address can be specified as a co...