Remote desktop server SSL VPN-Plus settings

SSL VPN-Plus technology allows your employees to obtain a secure remote access to the cloud data center. It is possible to provide access only to the resources and data that are required and necessary, even if the access is made from a personal machine that is not managed by the company. 

 SSL VPN functionality is only available for configuration in the Edge Advanced mode.

SSL VPN Server settings

On the tab Datacenters\Networking\Edges choose Edge Gateway, and press Configure ServicesIn the window that appears, select the SSL VPN Plus tab.

On the tab Server Settings настройте следующие параметры сервера: IP4 address - external address for incoming connections, Port - port for incoming connections (usually, 443), Cipher list - encryption algorithms (AES recommended)

Create a pool of IP addresses for assigning client VPN by pressing [+] on the tab IP PoolIP Range / Netmask / Gateway - Address range, netmask and address Edge Gateway, Status:Enabled  - pool activation. 

 

Add the cloud network that is available for remote clients by pressing [+] on the tab Private Network: Network - using CIDR network address format, Status:Enabled  - network activation.

 

To configure the authentication server, click [+LOCAL] on the tab AuthenticationEnable password policy - password complexity policy (recommended), Password Length - 10+ characters (recommended), Minimum no. of alphabets/digits/special characters - minimum number of capital letters/numbers/special characters, Password should not contain user ID - ban on using user login in password, Password expires in / Expiry notification in - password expiration date / expiration warning, Enable account lockout policy - user lockout policy (recommended), Retry Count / Retry Duration - number of failed password entry attempts per time interval, Lockout DurationStatus:Enabled - authentication server activation.

 

To create a user account, click [+] on the tab UsersUser IDPassword / Retype PasswordEnabled - account activation.

 

Create the client software installation package by clicking [+] on the tab Installation PackagesProfile Name - Package Name, Gateway/Port - Gateway IP / Port, Linux/Mac - supporting additional operating systems (Windows client is generated automatically), Enabled - software package activation.

 

Enable SSL VPN server  by choosing Enabled on the tab Server Settings

 

Installing SSL VPN Client for Windows

Open the address in the browser https://<имя сервера>:<port>, login under the account of the created user, download and install the prepared client software package.

 

Run the installed client, click Login, and enter user credentials.

 

Additional notes. 

To differentiate access to cloud resources, it may be necessary to create filewall rules for accessing a pool of VPN clients to individual servers.

Additional manufacturer information on configuring SSL VPN-Plus: server setup, client setup

 

Have you tried Virtual cloud servers by Cloud4Y? Not yet? 

 

Leave a request and get a 10-day free trial. 

 

Смотреть подробности   

 

  • 284 Users Found This Useful
Was this answer helpful?

Related Articles

Site-to-Site VPN settings between Edge gateway and Juniper SRX

Scheme: How it works. A detailed description of the tunnel parameters can be found in a...

Mikrotik, Site to Site VPN

A detailed description of the tunnel parameters can be found in a separate article....

Site to Site IPsec Policy Based VPN between Edge Gateway and Mikrotik. Dual WAN (two providers)

This tutorial describes the Site to Site IPsec VPN configuration scenario between Cloud4Y (Edge...

Site to Site IPsec Policy Based VPN between Edge Gateway and Mikrotik. Routing multiple subnets

This tutorial covers a scenario where there are 2 local subnets on the client side and 2 local...

Fault-tolerant VTI over IPSec configuration with EDGE Gateway

Before you start GRE tunneling technology was added in NSX 6.4. This technology is implemented...