Cisco SA520-K9 Administration Guide - Page 156
Elements of the SSL VPN, Scenario Step 1: Customizing the Portal Layout,
UPC - 882658266744
View all Cisco SA520-K9 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 156 highlights
Configuring VPN Configuring SSL VPN for Browser-Based Remote Access 7 Internet. Then, you could configure links to specific targets on the internal network that you want users of Clientless SSL VPN to be able to access. • Educate users. If an SSL-enabled site is not inside the private network, users should not visit this site over a Clientless SSL VPN connection. They should open a separate browser window to visit such sites, and use that browser to view the presented certificate. Elements of the SSL VPN Several elements work together to support SSL VPN. • Portal: To access your network, user starts a web browser and then enters the URL for your portal. The security appliance is pre-configured with a portal that you can use for all users. You can modify title, banner heading, banner message, security settings, and access type (VPN tunnel, port forwarding, or both). In addition, you can create different portal layouts for different groups of users. For example, you could create two portal layouts for two groups that have access to different resources. On each portal layout, you would customize the banner message to provide customized information for the portal users. IMPORTANT: If you plan to create different portal layouts for different user domains, you must create the portal layouts first. In the scenario, start with Scenario Step 1: Customizing the Portal Layout, page 157. If you are not going to create different portal layouts, you can start the scenario with this step so that you can review the default settings and modify, as needed. In addition, the Portal Layouts page shows you the URL that you need to provide to the portal users. • Users: Create your VPN users. You can use the default domain and group or configure your own domains and groups. As you create each user record, be sure to select SSL VPN User as the User Type. Instructions are included in the scenario, or for complete details about domains, groups, and users, see Chapter 8, "Administration.". • VPN Policies: The default VPN policies should be sufficient for most purposes. As needed, you can create more complex policies. See Creating the SSL VPN Policies, page 160. • Port Forwarding: You can configure port forwarding to allow access to a limited set of resources. For example, you may want the SSL VPN users to access the email service only. See Configuring SSL VPN Port Forwarding, page 163. Cisco SA500 Series Security Appliances Administration Guide 156