Configuring Client-less SSL VPN
The Mettle SE WebGUI must be reconfigured to use a port other than 443.
An Internet connection must be configured in Mettle SE.
A server certificate must be configured in Mettle SE.
External authentication servers configured in Mettle SE (optional).
Configuring Clientless SSL VPN
Go to Connectivity >> Clientless SSL VPN.
Make sure that the Enable box is checked.
Select the Interfaces on which you want the Clientless SSL VPN to accept connections. In most cases this will be WAN.
Select the Authentication Server to use. If you have configured external authentication servers in Mettle SE, they will be listed here.
Select the Server Certificate to use.
Click on the Save button.
The next step is to define the network resources that remote users want to access through the VPN.
Click on Resources on the left menu.
Click on the Add New Resource button.
Enter a Name to identify this resource. The name should be unique.
Select the Protocol.
Enter the Host. You can optionally specify a port number along with the host as hostname:port (e.g. 192.168.1.1:8080).
Enter the Path if applicable. If your application is accessed by specifying a path, enter it here (e.g. for http://192.168.1.1/app/ you should enter the Path as /app/).
DNS: You can optionally specify a domain name here. This will be the DNS name that remote users will be using to access this resource. This domain name should resolve to Mettle SE's interface IP where Clientless SSL VPN is configured to accept connections. Note: Mettle Networks strongly recommends configuring resources by DNS names.
Enter a Description and click on Save to finish adding the resource.
Groups make it easier to manage resource access restrictions when there are a large number of users. To create a group, click on Groups on the left menu and then click on the Add New Group button.
Enter the group name and select the resources that this group has access to. Note: If you have configured external authentication servers, the group name here must match the LDAP/Active Directory group.
Click on Save to finish group creation.
If you have configured Local Database as the authentication server, you need to add users here. Note: For external authentication servers, create users on the LDAP/Active Directory server.
You need to make the necessary changes in the Firewall configuration to allow TCP port 443 on the respective interfaces so that remote users can connect to the VPN.
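A pre-flight check for the DNS and firewall steps above, as an added example that is not part of the original article or of Mettle SE: it verifies that each resource DNS name resolves to the interface IP where Clientless SSL VPN accepts connections, and that TCP port 443 is reachable. The IP address and host names are constructed placeholders; run it from a remote network so it sees the same DNS answers and firewall path as your users.

```python
import socket

VPN_PORT = 443  # TCP port the article says remote users connect to


def resolve_ipv4(name):
    """Return the set of IPv4 addresses a name resolves to (empty if none)."""
    try:
        infos = socket.getaddrinfo(name, None, socket.AF_INET, socket.SOCK_STREAM)
    except socket.gaierror:
        return set()
    return {info[4][0] for info in infos}


def check_resource_names(names, vpn_ip, resolver=resolve_ipv4):
    """Classify each resource DNS name against the VPN interface IP.

    The resolver argument is injectable so the logic can be tested offline.
    """
    report = {}
    for name in names:
        addrs = resolver(name.strip().rstrip(".").lower())
        if not addrs:
            report[name] = "unresolved"  # no A record: users cannot reach it
        elif addrs == {vpn_ip}:
            report[name] = "ok"          # resolves only to the VPN interface
        elif vpn_ip in addrs:
            report[name] = "split"       # some answers point elsewhere
        else:
            report[name] = "mismatch"    # resolves, but not to the VPN interface
    return report


def vpn_port_reachable(vpn_ip, port=VPN_PORT, timeout=3.0):
    """True if a TCP connection to the VPN listener succeeds."""
    try:
        with socket.create_connection((vpn_ip, port), timeout=timeout):
            return True
    except OSError:
        return False


if __name__ == "__main__":
    # Constructed sample values: replace with your interface IP and DNS names.
    vpn_ip = "203.0.113.10"
    names = ["intranet.example.com", "wiki.example.com"]
    for name, status in check_resource_names(names, vpn_ip).items():
        print(f"{name}: {status}")
    print("tcp/443 reachable:", vpn_port_reachable(vpn_ip))
```

Any result other than "ok" means some or all users entering that name will not reach the Clientless SSL VPN login page.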
Connecting VPN from Remote
Now you can try connecting to the VPN from a remote location. Open a browser and enter the IP address (or the domain name, if you configured DNS during resource creation) of the Mettle SE interface where Clientless SSL VPN is configured to accept connections. You will be prompted with a login page.
On successful login, the user is shown a page with links to the resources that have been assigned to the user's group.