Table of Contents
Advertisement
Do not modify the ports unless it is absolutely necessary. Once the port is altered, the new port number
should be entered to the end of the URL address when endpoint use renters the address to connectSSL
VPN.
If the checkbox next to HTTP Port is selected, user can use HTTP protocol to communicate with the
SSL VPN. Access to SSL VPN is achieved by redirecting HTTP to HTTPS, for instance,
http://202.96.137.75is redirected to https://202.96.137.75. If HTTP Port is selected and configured, user
can only use HTTPS protocol, in which case, he/she needs tovisithttps://202.96.137.75.
3.
Configure PPTP/L2TP connection options
PPTP/L2TP connection:
Prohibit PPTP/L2TP incoming connection: configure as disallow PPTP/L2TP connection.
Permit PPTP incoming connection: allow phone users able access L3VPN resource.
Permit L2TP incoming: set the share key, phone users ca through L2TP VPN access L3VPN resource
from system.
If you enable L2TP access service, then automatically turn off SSL standard IPSecVPN device user
access. But won't impact Sangfor IPSec VPN access.
4.
Encryption protocol for data encrypt algorithms.
SSL/TLS Algorithm:
RSA: International encrypts Algorithm.
SM2: China encryption Algorithm
5.
Configure Web Agent Settings. Select Enable Web Agent for dynamic IP support to enable this feature,
and the Sangfor device will be able to get an IP using Web Agent dynamic addressing if it is not using a static
Internet IP address. To add a Web agent entry:
a.
Click Add to enter the Add Web Agent page, as shown below:
b.
Enter the Web Agent address into the Address field and click the OK button.
c.
To check connectivity of a Web Agent, select a Web Agent and click Test. If the address is correct, the
Sangfor device then can connect to this Web Agent; otherwise, connecting will fail, as shown in the
SANGFOR SSL M6.8EN User Manual
66
Hide quick links:
Advertisement
Table of Contents
