Setting Up SSL-VPN Server

To create an SSL VPN Server:
  1. Go to Connectivity >> SSL VPN >> Server
  2. Click the 'Add New' button
  3. Uncheck the 'Disable this Server' check box if it is checked.
  4. Select the Server Mode
A) If the selected Server Mode is Peer to Peer (SSL/TLS)

General information
  1. Select Server Mode : Peer to Peer (SSL/TLS)
  2. Select Protocol : UDP
  3. Device Mode : tun
  4. Interface : WAN
  5. Local Port : 1194
  6. Enter a Description for the Server
Cryptographic Settings
  1. Check "Enable authentication of TLS packets" (if TLS authentication is needed)
  2. Select "Peer Certificate Authority"
  3. Select Server Certificate
  4. Select DH Parameters Length : 1024 bits
  5. Encryption algorithm : AES-128-CBC (128-bit)
Tunnel Settings
  1. Enter Tunnel Network : This is the virtual network that is used for communication between server and client.
  2. Check 'Redirect Gateway' if you want to redirect the entire traffic from the client through the tunnel
  3. Local Network : Specify the network to which the VPN is to be connected. By default it is the network connected to the LAN interface.
  4. Remote Network : Enter the network that will be routed through the tunnel, so that a site-to-site VPN can be established without manually changing the routing tables
  5. Concurrent Connections : Enter the Number of Concurrent Connections that can be made to the server
  6. Compression : Check 'Compress tunnel packets using the LZO algorithm.'
  7. Click Save
B) If the selected Server Mode is Remote Access (SSL/TLS)

General information
  1. Select Server Mode : Remote Access (SSL/TLS)
  2. Select Protocol : UDP
  3. Device Mode : tun
  4. Interface : WAN
  5. Local Port : 1194
  6. Enter a Description for the Server
Cryptographic Settings
  1. Check "Enable authentication of TLS packets" (if TLS authentication is needed)
  2. Select "Peer Certificate Authority"
  3. Select Server Certificate
  4. Select DH Parameters Length : 1024 bits
  5. Encryption algorithm : AES-128-CBC (128-bit)
Tunnel Settings
  1. Enter Tunnel Network : This is the virtual network that is used for communication between server and client.
  2. Check 'Redirect Gateway' if you want to redirect the entire traffic from the client through the tunnel
  3. Local Network : Specify the network to which the VPN is to be connected. By default it is the network connected to the LAN interface.
  4. Concurrent Connections : Enter the Number of Concurrent Connections that can be made to the server
  5. Compression : Check 'Compress tunnel packets using the LZO algorithm.'
  6. Check Inter-client communication : If communication among clients connected to the Server is needed
  7. Check Duplicate Connections : If clients need to connect from multiple locations using the same Common Name
Client Settings
  1. Check Dynamic IP - To allow connected clients to retain their connections if their IP address changes.
  2. Click Save
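
The following is an added example, not part of the original guide or the product: a small review script that checks the cryptographic and tunnel choices above once they are written out as a server configuration. It assumes the appliance produces standard OpenVPN directives (the page does not name the underlying software); the sample config, the key path and the function names are constructed for illustration, and the checks go slightly beyond the page by stating why each setting deserves a second look.

```python
import shlex

# Constructed sample: the Remote Access choices from this page as OpenVPN directives.
SAMPLE_CONFIG = """\
dev tun
proto udp
port 1194
cipher AES-128-CBC
tls-auth /path/to/ta.key 0
comp-lzo
client-to-client
duplicate-cn
float
push "redirect-gateway def1"
"""

def parse(text):
    """Return {directive: [argument lists]}; '#' and ';' comments are skipped."""
    opts = {}
    for line in text.splitlines():
        if line.lstrip().startswith(";"):
            continue
        tokens = shlex.split(line, comments=True)
        if tokens:
            opts.setdefault(tokens[0], []).append(tokens[1:])
    return opts

def audit(text, dh_bits):
    """dh_bits is the 'DH Parameters Length' chosen in the form; the config
    only holds a file path for it, so the size is passed in separately."""
    opts, findings = parse(text), []
    if dh_bits < 2048:
        findings.append(("dh", f"{dh_bits}-bit DH is below the 2048-bit minimum of current guidance"))
    for args in opts.get("cipher", []):
        if args and args[0].upper().endswith("-CBC"):
            findings.append(("cipher", f"{args[0]} is not AEAD; OpenVPN 2.4+ offers AES-256-GCM"))
    if any(args[:1] != ["no"] for args in opts.get("comp-lzo", [])):
        findings.append(("compression", "compressing before encrypting leaks data via packet sizes"))
    if "duplicate-cn" in opts:
        findings.append(("duplicate-cn", "sessions share one certificate, so a copied key is harder to notice"))
    if "client-to-client" in opts:
        findings.append(("client-to-client", "traffic between clients is routed inside the server process and never reaches the host firewall"))
    if "tls-auth" not in opts and "tls-crypt" not in opts:
        findings.append(("tls-auth", "control-channel packets carry no HMAC signature"))
    return findings

if __name__ == "__main__":
    for name, why in audit(SAMPLE_CONFIG, dh_bits=1024):
        print(f"[review] {name}: {why}")
```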