This section describes the procedure a remote user can follow on his/her desktop after SSL VPN-Plus is configured. Windows, MAC, and Linux desktops are supported.

Procedure

  1. On the client site, the remote user can type (https://ExternalEdgeInterfaceIP/sslvpn-plus/) in a browser window where ExternalEdgeInterfaceIP is the IP address of the Edge external interface where you enabled SSL VPN-Plus.
  2. Login to the portal using the user's credentials.
  3. Click Full Access tab.

    The SSL client is downloaded.

  4. Login to the SSL client with the credentials specified in the Users section.

    The SSL VPN server certificate is validated depending on the client operating system.

    • Windows client

      Windows client is authenticated if the Server security certificate validation option was selected when the installation package was created.

    • Linux client

      The SSL VPN Linux client validates the server certificate against Firefox's certificate store by default from NSX vSphere version 6.1.3 onwards. If server certificate validation fails, you are prompted to contact your system administrator. If server certificate validation succeeds, a log in prompt is displayed.

      Adding a trusted CA to the trust store i.e Firefox's certificate store is independent of SSL VPN work flow.

    • OS X client

      The SSL VPN OS X client validates the server certificate against Keychain, a database used to store certificates on OS X, by default from NSX vSphere version 6.1.3 onwards. If server certificate validation fails, you are prompted to contact your system administrator. If server certificate validation succeeds, a log in prompt is displayed.

      Adding a trusted CA to the trust store i.e Keychain is independent of SSL VPN work flow.

    The remote user can now access the private network.