1. Manuals
  2. Brands
  3. Novell Manuals
  4. Software
  5. ACCESS MANAGER 3.1 SP1 - SSL VPN SERVER GUIDE...
  6. Manual

Accelerating The Traditional Novell Ssl Vpn; Configuring The Default Identity Injection Policy - Novell ACCESS MANAGER 3.1 SP1 - SSL VPN SERVER GUIDE 03-17-2010 Manual

Ssl vpn server guide
Hide thumbs
Table of Contents

Advertisement

Accelerating the Traditional Novell
1 0
SSL VPN
NOTE: If you have installed the ESP-enabled Novell
that you have completed
Chapter 9, "Configuring Authentication for ESP-Enabled Novell SSL
VPN," on page
67.
If you have installed the traditional Novell SSL VPN, this is a mandatory configuration in order to
accelerate the SSL VPN server.
This section has the following information:
Section 10.1, "Configuring the Default Identity Injection Policy," on page 69
Section 10.2, "Injecting the SSL VPN Header," on page 70
10.1 Configuring the Default Identity Injection
Policy
The SSL VPN server requires a user credential profile consisting of the following elements:
Username and password information
A proxy session cookie
The roles assigned to the current user for authentication information
Each element added to the custom header requires a name with an "X-" prefix. The name you enter
is specific to the application using the custom header, and might be case sensitive. You need to
obtain this information from the application before creating the custom header. The Access Gateway
injects these headers into the SSL VPN server.
The SSL VPN server requires the following three headers:
Authentication header containing the credential profile with a username and password
Custom header containing a proxy session cookie element named X-SSLVPN-PROXY-
SESSION-COOKIE
Custom header containing roles for current user element, named X-SSLVPN-ROLE
You can configure Access Gateway to inject the client IP address as a custom header along with the
other three headers. This custom header should be named X-SSLVPN-CLIENTIP. This enables
logging of the client IP address for SSL VPN. This is an optional configuration and is not enabled by
default. If it is not enabled, the SSL VPN server reports it to the Audit server as a connection
accepted from
Unknown Host
To add this header to the SSL VPN policy:
1 In the Administration Console, click Devices > Access Gateways > Policies.
2 (Conditional) If you have not created the SSL VPN default policy, click Create SSL VPN
Default. Then click Apply Changes.
®
.
SSL VPN, skip this section and make sure

Accelerating the Traditional Novell SSL VPN

10
69

Advertisement

Table of Contents
loading

Related Manuals for Novell ACCESS MANAGER 3.1 SP1 - SSL VPN SERVER GUIDE 03-17-2010

Related Content for Novell ACCESS MANAGER 3.1 SP1 - SSL VPN SERVER GUIDE 03-17-2010

This manual is also suitable for:

Access manager 3.1 sp1

Table of Contents