How to Use SSL VPN?

How to Use SSL VPN?

 

This document introduces how to set up Vigor Router to be a SSL VPN server, and how to establish a SSL VPN Tunnel and use SSL Applications on SSL clients.

scenario

A. Configuration on Vigor Router

  1. Create SSL VPN User Account: Go to SSL VPN >> User Accountclick on an Index number to add/edit an account.

a1

    1. Enable this account.

    2. Make sure SSL Tunnel is enabled for Allowed Dial-in Type.

  1. Add the account to a User Group: Go to SSL VPN >> User Group, click on an Index number to add/edit the User Group.

a2

    1. Enable Local User DataBase in Authentication Methods.

    2. Click on the User Account we created in Step1 from Available User Accounts.

    3. Click ">>" to move it to Selected User Accounts.

    4. Click OK to save.

  1. Note that by default, Vigor Routers use port 443 for SSL VPN service, which is the same as HTTPS services. If HTTPS services is enabled as well, you may change the SSL VPN port at SSL VPN >> General Setup.

a3

B. Use a Browser to Establish a SSL VPN Tunnel

For SSL VPN Client, please make sure Java is installed on your computer.

  1. Open a Browser and enter "https://" with Vigor Router's WAN IP in address bar. Enter Username and Password and click Login.

Note: If you have change the port for SSL VPN, please add ":" with port number at the end of WAN IP.

b1

  1. After logging in, go to SSL Tunnel Tab, read the Warning Message and click Connect.

b2

  1. Run all the programs it requires. And after the connection established, there will be a DraySSL Tunnel Client window pop up.

b3

Note: If you couldn't establish a connection successfully, please use the JAVA Security Configuration described in Part C.

C. JAVA Security Configurations for SSL VPN Client

If you are having trouble using the SSL VPN services, please modify the Java Security Configuration.

  1. Open Java Control Panel: For Windows users, go to Control Panel and click on Java.

c1

  1. In Advanced Tab, enable "Show site certificate from server even if it is valid" and "Use TLS 1.0/2.0/3.0", but disable "Use SSL 3.0"

c2

  1. In Security Tab, set Security Level to Medium and click Edit Site List to add the Vigor Router's IP to Exception Site List.

c3

  1. Edit the Exception Site List:

    c4

    1. Click Add.

    2. Enter "https://" with Vigor Router's WAN IP. (add ":" with port number at the end of the IP if SSL VPN does not use the default port 443.)

    3. Click OK to save.

D. Use Smart VPN Client to Establish a SSL VPN Tunnel

You may also use Smart VPN Client to start a SSL VPN Connection.

  1. Install and run Smart VPN Client, click Insert to create a new VPN profile.

d1

    1. Enter Vigor Router's WAN IP in VPN Server/HOST Name field.

    2. Click OK to save the profile.

  1. Leave Authentication Method as AUTO, select "Automatically get IP address & DNS server" and click OK.

d2

  1. Select VPN profile, and click Connect to establish the SSL VPN connection.

d3

  1. Click OK to confirm User Name and Password.

d4

  1. If connection is up, Smart VPN Client Status will show Connected.

d5

E. Connect to the remote server with SSL application

Vigor router support three different SSL applications, Remote Desktop ProtocolVirtual Network Computing, and Samba Application. In this note, we take Remote Desktop Protocol for example.

e-scenario

  1. On Vigor Router, go to SSL VPN >> SSL Application, and click on an index number to create/edit a new Application Profile.

e1

    1. Click OK to save.

  1. Go to SSL VPN >> User Group, and click on an Index number to create/edit a new User Group Profile.

e2

    1. Click OK to save.

  1. From the client side, open a browser and access the Vigor router to log in the SSL server.

e3

  1. Go to SSL Application Tab, and click the Connect to establish SSL remote access.

e4

  1. After connecting successfully, it will display the desktop of remote server.

    e5

NEWSLETTER

Nom (*)
Please let us know your name.
Email (*)
Please let us know your email address.