Accelerating The Traditional Novell Ssl Vpn - Novell ACCESS MANAGER 3.1 SP2 - SSL VPN SERVER GUIDE 2010 Manual

Application: Specifies the SSL VPN server application path.
Redirect Requests from Non-Secure Port to Secure Port: Specify this option to redirect the
browsers to the secure port in order to establish an SSL connection. If this option is not
selected, browsers that connect to the non-secure port are denied service.
SSL VPN Certificate: Configure a certificate for SSL.This certificate is used when SSL VPN
communicates with the SSL VPN server.
You can click the icon to select the default test-connector certificate created for SSL VPN. The
subject name of this certificate should match the DNS name of the SSL VPN server. For more
information, see the
Embedded Service Provider Certificate: Configure a certificate for the Embedded Service
Provider to communicate with the Identity Server. You can click the icon to select a certificate.
Make sure that the subject name of this certificate matches the DNS name of the SSL VPN
server. For more information, see
NOTE: Before you proceed with the configuration, verify if SSL VPN certificates are
imported into the trust store. To verify, log in to the Administration Console, select Security >
Trusted Roots, click the down arrow for the trusted root that you are interested in. Make sure
that two SSL VPN trust stores are displayed. If they do not exist, you must manually push the
certificates to the trust store.
The following URLs are displayed when the Published DNS name is populated:
Login URL: Displays the URL that you need to use for logging users in to the protected
resources.
Logout URL: Displays the URL that you need to use for logging users out of protected
resources.
Metadata URL: Displays the location of the metadata.
Health Check URL: Displays the location of the health check.
4 Restart the Tomcat server when prompted.
5 To save your modifications, click OK, then click Update on the Configuration page.
6 Click Update on the Identity Server Configuration page.
7 (Optional) Proceed with
Translation (NAT)," on page
details.

2.2 Accelerating the Traditional Novell SSL VPN

NOTE: If you have installed the ESP-enabled Novell SSL VPN, skip this section and make sure
that you have completed
VPN," on page 21.
If you have installed the traditional Novell SSL VPN, this is a mandatory configuration in order to
accelerate the SSL VPN server.
Section 2.2.1, "Configuring the Default Identity Injection Policy," on page 24
Section 2.2.2, "Injecting the SSL VPN Header," on page 24
Section 2.6, "Configuring Certificate Settings," on page
Section 2.6, "Configuring Certificate Settings," on page
Section 2.3, "Configuring the IP Address, Port, and Network Address
27, if you have not already configured the SSL VPN server
Section 2.1, "Configuring Authentication for the ESP-Enabled Novell SSL
35.
35.
Basic Configuration for SSL VPN 23