Table of Contents
Advertisement
SSL VPN Portal
Stormshield Network's SSL VPN allows your mobile or static users to connect to your company's
resources securely.
The SSL VPN configuration screen consists of 4 tabs:
General: Allows enabling the module, selecting the access type and configuring advanced
l
properties.
Web servers: Stormshield Network's SSL VPN allows securing access to your HTTP servers
l
(Intranet, webmail,...) while avoiding the need to manage multiple HTTP servers. Furthermore,
for mobile users, it allows masking information about your internal network, the only visible IP
address
Stormshield Network's SSL VPN automatically rewrites HTTP links found in web pages that
your users visit. This allows browsing between your various servers, if they have been
configured, or prohibiting access to certain servers. When a web link in a page points to an
unconfigured server, the link will be redirected to the Stormshield Network SSL VPN start page.
Application servers: This section shows the servers that have been configured for access to
l
resources other than web-based resources (telnet, mail, etc)
Stormshield Network's SSL VPN enables securing any protocol based on a single TCP
connection (POP3, SMTP, telnet, remote access, etc). For protocols other than HTTP, the client
that allows secure connections is a Java applet, which will open an encrypted tunnel. All
packets exchanged between the client workstation and the firewall are encrypted.
Stormshield Network'S SSL VPN does not impose any client installations on your users'
workstations and natively supports operating systems that have Java installed (Windows,
Linux, MAC OS-X,...).
You only need to configure the servers which you intend to allow your users to access. These
servers will be added dynamically to the list of authorized servers the next time your users
load the java applet.
The java applet opens listening ports on the client workstation, and client tools will need to
connect to these ports in order to pass through the secure tunnel set up between the applet
and the firewall. It is necessary to ensure that the chosen port is accessible to the user
(where privileges are concerned) and that there is no conflict with another port used by
another program. These servers will be added dynamically. These can be used for control
purposes and/or transparent authentications on the source of requests.
User profiles: If you wish to restrict access to servers defined in the SSL VPN configuration,
l
you need to define profiles that contain the list of authorized servers, then assign them to
users.
"General" tab
Enable SSL VPN: Allows enabling SSL VPN and choosing from three options offers in the table
below.
Access only to web
servers
Access only to
application servers
Access to both web
and application servers
Page 334/448
being
Use of the SSL VPN module to access web-based resources. Enables the Web servers
tab.
Use of the SSL VPN module to access resources on a TCP connection. Enables the
Application servers tab.
Use of the SSL VPN module to access web-based and TCP-based resources. Enables
both the Web servers and Application servers tabs.
SNS - USER CONFIGURATION MANUAL V.3
your
sns-en-user_configuration_manual-v3 - Copyright © Stormshield 2016
SSL VPN PORTAL
firewall's.
- Quick Links:
- Administrator Management
Hide quick links:
Advertisement
Table of Contents
