Configuring SSL VPN
SSL VPN is a VPN technology based on Secure Sockets Layer (SSL). It works between the transport
layer and the application layer. Using the certificate-based identity authentication, data encryption,
and integrity verification mechanisms that the SSL protocol provides, SSL VPN can establish secure
connections for communications at the application layer.
SSL VPN has been widely used for secure, remote Web-based access. For example, it can allow remote users to access the corporate network securely. Figure 134 shows a typical SSL VPN network.
On the SSL VPN gateway, the network administrator creates resources corresponding to the servers in the internal network. To access an internal server, a remote user first needs to establish a Hypertext Transfer Protocol Secure (HTTPS) connection with the SSL VPN gateway and select the resources to be accessed. Then, the SSL VPN gateway forwards the resource access request to the internal server. In an SSL VPN network, the SSL VPN gateway establishes an SSL connection with the remote user and authenticates the user before allowing the user to access an internal server; the internal servers are therefore well protected, because they never receive traffic from unauthenticated users.
Figure 134 Network diagram for SSL VPN configuration
The following is how SSL VPN operates:
1. The administrator logs in to the Web interface of the SSL VPN gateway, and then creates
resources corresponding to the internal servers.
2. The remote user establishes an HTTPS connection with the SSL VPN gateway. The SSL VPN
gateway and the remote user authenticate each other using the certificate-based authentication
function provided by SSL.
3. After the HTTPS connection is established, the user can try to log in to the Web interface of the
SSL VPN gateway by entering the username, password, and authentication method (RADIUS
authentication, for example). The SSL VPN gateway will verify the user information.
4. After logging in to the Web interface, the user finds the resources to access on the Web
interface and then sends an access request to the SSL VPN gateway through an SSL
connection.
5. The SSL VPN gateway resolves the request, interacts with the corresponding server, and then
forwards the server’s reply to the user.
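As an added example that is not part of this configuration guide, the following Python model enforces the order of steps 1 through 5 above: a resource is reachable only if the administrator created it, and a request is forwarded to an internal server only over an established SSL session whose user has logged in. The authentication backend, the user list, and the internal server are constructed stubs; a real gateway consults RADIUS or a local user database in step 3.

```python
import hmac
import secrets

class SSLVPNGateway:
    """Models the gateway enforcing steps 1-5 of the SSL VPN flow."""

    def __init__(self, authenticate):
        # authenticate(username, password, method) -> bool stands in for the
        # RADIUS or local backend the gateway consults in step 3.
        self._authenticate = authenticate
        self._resources = {}   # resource name -> internal server (step 1)
        self._sessions = {}    # session token -> logged-in username or None

    def create_resource(self, name, internal_addr):
        self._resources[name] = internal_addr

    def open_connection(self, client_cert_verified):
        # Step 2: SSL handshake with certificate-based authentication.
        if not client_cert_verified:
            raise PermissionError("client certificate rejected")
        token = secrets.token_hex(16)
        self._sessions[token] = None
        return token

    def login(self, token, username, password, method):
        # Step 3: credentials are accepted only over an existing SSL session.
        if token not in self._sessions or not self._authenticate(username, password, method):
            return False
        self._sessions[token] = username
        return True

    def access(self, token, resource_name, forward):
        # Steps 4-5: resolve the request and forward it to the internal server.
        if self._sessions.get(token) is None:
            return None  # no session or not logged in: the server never sees it
        target = self._resources.get(resource_name)
        if target is None:
            return None  # only resources the administrator created are reachable
        return forward(target)

# Constructed stand-ins for the authentication backend and an internal server.
USERS = {"alice": "s3cret"}

def local_auth(username, password, method):
    return method == "local" and hmac.compare_digest(USERS.get(username, ""), password)

def fake_internal_server(addr):
    return f"reply from {addr}"
```

Calling access() before login() returns None, as does a request for a resource name the administrator never created; after a successful login the request is forwarded and the internal server's reply is returned.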
(Figure 134 shows the following components: the Internet, the SSL VPN gateway, a remote user, the internal servers, and the administrator.)