When configuring SSL VPN-Plus, there are essentially five things that you need to configure:
- SSL VPN-Plus server settings and encryption ciphers
- IP pool for remote users
- Private networks that should be tunneled over the VPN connection
- Authentication source and user account
- Package for operating system support
These items are the essential configuration parameters required to enable SSL VPN-Plus, and should be configured in the order defined above.
Once a user is authenticated, they establish a SSL VPN tunnel from their device to the ESG, they receive an IP address from the configured IP pool, and any private networks defined are then tunneled to the edge to their target destination. The configuration depicted in this recipe was for a split-tunnel VPN design, but a full-tunnel design can also be implemented if required.
SSL VPN-Plus tunneling mode:
Tunneling mode can be changed under the Client Configuration sub-menu and is a global configuration parameter.
Tunneling mode can be changed under the Client Configuration sub-menu and is a global configuration parameter.