Table of Contents
Advertisement
2.2 Traditional Novell SSL VPN
The following figure shows the Novell Access Manager components and the process involved in
establishing a secure connection between a client machine and traditional Novell SSL VPN server.
In this type of deployment, the Linux Access Gateway accelerates and protects the SSL VPN server.
Figure 2-1
6
2
1
Browser
External IP: 192.23.45.4
Internal IP: 10.0.0.4
1. The user specifies the following URL to access the SSL VPN server:
https://<www.ag.novell.com>/sslvpn/login
<www.ag.novell.com> is the DNS name of the Access Gateway that accelerates the SSL VPN
server, and /sslvpn/login is the path of the SSL VPN server.
2. The Access Gateway redirects the user to the Identity Server for authentication, because the
URL is configured as a protected resource.
3. The Identity Server authenticates the user's identity.
4. The Identity Server propagates the session information to the Access Gateway through the
Embedded Service Provider.
5. The Access Gateway injects the SSL VPN policy for that user into the SSL VPN servlet. The
SSL VPN servlet processes the parameters and sends the policy information back to the Access
Gateway.
6. The SSL VPN checks if the client machine has sufficient security restraints. For more
information on client integrity checks, see
Integrity of Client Machine," on page
20
Novell Access Manager 3.1 SP1 SSL VPN Server Guide
Traditional Novell SSL VPN
Access
Gateway
4
3
7
SSL VPN
DNS: www.ag.novell.com
www.ag.novell.com/sslvpn
5
Identity
Server
7
Application
Chapter 14.1, "Configuring Policies to Check the
90.
Advertisement
Chapters
Table of Contents
Troubleshooting
