You must add SSL VPN server settings to enable SSL on a NSX Edge interface.

Procedure

  1. In the SSL VPN-Plus tab, Server Settings from the left panel.
  2. Click Change.
  3. Select the IPv4 or IPv6 address.
  4. Edit the port number if required. This port number is required to configure the installation package.
  5. Select one or more encryption methods or ciphers.
    Note: If any of the following GCM ciphers is configured on the SSL VPN server, backward compatibility issue can occur in some browsers:
    • AES128-GCM-SHA256
    • ECDHE-RSA-AES128-GCM-SHA256
    • ECDHE-RSA-AES256-GCM-SHA38
  6. (Optional) From the Server Certificates table, use the default server certificate, or deselect the Use Default Certificate check box and click the server certificate that you want to add.
    Restriction:
    • SSL VPN-Plus service supports only RSA certificates.
    • SSL VPN-Plus service supports server certificate that is signed only by the Root CA. Server certificate signed by an Intermediate CA is not supported.
  7. Click OK.