About
With SSL VPN-Plus, remote users can connect securely to private networks behind a NSX Edge gateway. Remote users can access servers and applications in the private networks.
Important:
- SSL VPN-Plus Client is not supported on computers that use ARM-based processors.
- In SSL VPN-Plus Client on Windows, the "auto-reconnect" feature does not work as expected when the Npcap loopback adapter is "enabled". This loopback adapter interferes with the function of the Npcap driver on a Windows computer. Make sure that the latest version of the Npcap driver (0.9983 or later) is installed on your Windows computer. This version of the driver does not require the loopback adapter for packet captures.
- Linux TCL, TK, and Network Security Services (NSS) libraries are required for the UI to work.
In this article, will explain to you how to setup SSL VPN-Plus on Virtual Data Center.
Preparation
Before using this guide, please ensure these following:
- You have subscribe to Virtual Data Center and access to vCloud Director
- VPN configuration understanding
- Topology or know what connection you want to established
Guide
1. The first step is to access the “SSL VPN-Plus” configuration tab of the Edge Gateway service configuration.
2. Start with creating a new user in “User” tab
3. Click the plus (+) sign to create new user.
4.Enter the required information:
- User ID → this will be username for logging in
- Password and Retype Password → password for created user
- First name, Last name, Description → additional information (optional)
- Enabled → whether this user will be active or not
- Password Details → additional password policies
- Click on “Keep” when done
5. Next we are going to configure IP Pools for user’s VPN Client.
6. Create new IP Pools by click on plus (+) sign.
7. Enter required information:
- IP Range: IP Addresses to be assigned to user’s workstation (on different subnet from
- Servers’ VDC subnet)
- Netmask: IP Range’s network mask
- Gateway: IP Range’s Gateway IP Address
- Description: This IP Pool’s description (optional)
- Status: whether this IP Pool is active or not
- Primary and Secondary DNS: DNS servers to be used within SSL VPN connection
- DNS Suffix and WINS Server: Additional information to be used within SSL VPN connection
- Click on “Keep” when done
8. Next we’re configuring SSL VPN-Plus client software from “Installation Package” tab.
9. Click on plus (+) sign to add new Installation Package.
10. Fill in required information:
- Profile Name: This installation package’s name
- Gateway: IP Public of Edge Gateway to be used by user to access this installation package
- Port: TCP Port to be used by user to access this installation package
- Create installation package for: supported O/S
- Description: additional information
- Enabled: whether this installation package is active or not
- Installation Parameters for Windows
- Click on “Keep” when done
11. Now we’re configuring subnet within VDC accessible to user from “Private Networks” tab.
12. Add new Private Networks by clicking on plus (+) button.
13. Fill in required information:
- Network : subnet information of VDC network accessible to VPN users
- Description : additional information
- Send Traffic : whether this network will be accessible through VPN or not
- Enable TCP Optimization: optimize bandwidth utilization
- Ports: which ports within this network are accessible to users (keep empty to allow all ports)
- Status: whether this Private Network is active or not
- Click on “Keep” when done
14. Click on “Save changes” to store this information permanently.
15. We’re configuring SSL VPN server’s parameter from “Server Settings” tab.
16. Fill in required information:
- IP Address: Public IP Address of Edge Gateway used by SSL VPN-Plus user
- Port: TCP Port used by SSL VPN-Plus user to send encrypted traffic
- Cipher List: supported encryption scheme
- Click on “Save changes” to keep configuration permanently
Installing SSL VPN – PLUS
1. Browse to this address https://<configured_edge_public_ip>:<configured_package_port>.
2. Ignore security warning (Due to self-signed SSL Certificate being used).
3. Login with configured user credential.
4. Click on “SSL VPN Client” link to download installation package
5. Click the plus (+) sign to create new user
6. Clik on Installer.
7. Select yes.
8. Click on OK.
9. Select network name
10. Next, select yes.
11. Enter username and password, then OK.
12. Click Ok
13. SSL VPN successfully installed.