Configuring SSL VPN
To create or edit an SSL VPN portal:
-
In Security > Network, select SSL-VPN Portals from the VPN dropdown menu.
-
Click Create or select a configuration and click Edit.
-
In the form, enter the following information:
Settings
Guidelines
Name
Enter a name for this SSL VPN portal. The value is a string with a maximum of 35 characters.
Limit Users to One SSL-VPN Connection at a Time
Enable or disable this limit.
Tunnel Mode
Enable or disable tunnel mode.
Split tunneling
Choose from the following options:
-
Disabled: All client traffic will be directed over the SSL VPN tunnel.
-
Enabled Based on Policy Destination: Only client traffic with a destination that matches the destination of the configured firewall policy will be directed over the SSL VPN tunnel.
-
Enabled for Trusted Destinations: Only client traffic that does not match explicitly trusted destinations will be directed over the SSL VPN tunnel.
This field is only available when Tunnel Mode is enabled.
Routing Address Override
Select the destination network that will be routed through the tunnel.
This field is only available when Split tunneling is enabled.
Source IP Pools
Select the source IP pools from which users acquire an IP address when connecting to the portal.
This field is only available when Tunnel Mode is enabled.
Web Mode
Enable or disable the SSL VPN web portal.
Portal Message
Enter a message that appears at the top of the web portal screen. The default is SSL-VPN Portal.
This field is only available when Web Mode is enabled.
Theme
Select the theme to use for the portal login page.
This field is only available when Web Mode is enabled.
Show Session Information
Enable or disable display of session information in the top banner of the web portal.
This field is only available when Web Mode is enabled.
Show Connection Launcher
Enable or disable display of the Quick Connection button.
This field is only available when Web Mode is enabled.
Show Login History
Enable or disable display of the user's login history.
This field is only available when Web Mode is enabled.
User Bookmarks
Enable or disable user bookmarks. If enabled, users can save their own bookmarks.
This field is only available when Web Mode is enabled.
Rewrite Content IP/UI/
Enable or disable contents rewrite for URIs containing IP-address/ui/.
This field is only available when Web Mode is enabled.
RDP/VNC clipboard
Enable or disable support of RDP/VPC clipboard functionality.
This field is only available when Web Mode is enabled.
-
-
Click Save.
To edit SSL VPN settings:
-
In Security > Network, select SSL-VPN Settings from the VPN dropdown menu.
-
In the form, enter the following information:
Settings
Guidelines
Enable SSL-VPN
Enable or disable SSL VPN.
Listen on Interface(s)
Select the interfaces to listen on for SSL VPN connections.
Listen on Port
Enter the port to listen on for SSL VPN connections.
Server Certificate
Select the server certificate.
Redirect HTTP to SSL-VPN
Enable or disable redirect of HTTP traffic to the SSL VPN tunnel.
Restrict Access
Select the access restriction from the following options:
-
Allow access from any host: Access is not restricted by host.
-
Limit access to specific hosts: Restrict access to the hosts specified in Hosts.
Idle Logout
Enable or disable logout of users after a period of inactivity, then enter the time, in seconds, in Inactive For.
Require Client Certificate
Enable to require an additional check of the client certificate.
Address Range
Specify the address range to assign to clients. Choose from the following options:
-
Automatically assign addresses: Allow the system to automatically assign IP addresses to connected clients.
-
Specify custom IP ranges: Select IP ranges in IP Ranges.
DNS Server
Select Same as client system DNS or select Specify then enter the DNS servers in DNS Server #1 and DNS Server #2.
Specify WINS Servers
Enable or disable specifying WINS servers, then enter the WINS servers in WINS Server #1 and WINS Server #2.
Language
Specify the language to use for the web portal in web mode. Choose from the following options:
-
Browser preference: Allow the user's browser to specify the language.
-
System: The web portal uses the same language as the system language.
Authentication/Portal Mapping
Add or edit mappings between Users/Groups and a Portal.
-
-
Click Save.