SSL VPN overview, How SSL VPN operates – H3C Technologies H3C WX3000E Series Wireless Switches User Manual
SSL VPN overview
SSL VPN is a VPN technology based on SSL. It works between the transport layer and the application
layer. Using the certificate-based identity authentication, data encryption, and integrity verification
mechanisms that SSL provides, SSL VPN can establish secure connections for communications at the
application layer.
SSL VPN has been widely used for secure, remote Web-based access. For example, it can allow remote
users to access the corporate network securely.
Figure 927 shows a typical SSL VPN network. On the SSL
VPN gateway, you can create resources to represent the resources on the servers in the internal network.
To access an internal server, a remote user first establishes an HTTPS connection with the SSL VPN
gateway and selects the resources to be accessed. The SSL VPN gateway then forwards the resource
access request to the internal server. In a network with SSL VPN deployed, the SSL VPN gateway
establishes an SSL connection to the remote user and authenticates the user before allowing access
to an internal server, which protects the internal servers.
Figure 927 Network diagram for SSL VPN configuration
How SSL VPN operates
SSL VPN operates as follows:
1. The administrator logs in to the Web interface of the SSL VPN gateway, and then creates resources
to represent resources on the internal servers.
2. A remote user establishes an HTTPS connection to the SSL VPN gateway. The SSL VPN gateway
and the remote user authenticate each other by using the certificate-based authentication function
provided by SSL.
3. After the HTTPS connection is established, the user can try to log in to the Web interface of the SSL
VPN gateway by entering the username and password and selecting the authentication method
(for example, RADIUS authentication). The SSL VPN gateway will verify the user information.
4. After logging in to the Web interface, the user finds the resources of interest on the Web interface.
The user client then sends an access request to the SSL VPN gateway through an SSL connection.
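The gateway's decisions in steps 1 to 4, modeled as an added example (not H3C's code and not from this manual): a request is forwarded only for a logged-in session and only to a resource the administrator created. The class and method names, the local user store standing in for RADIUS, and the sample addresses are assumptions; the HTTPS connection of step 2 is assumed to be already established.

```python
import hashlib
import hmac
import secrets


class SslVpnGateway:
    """Hypothetical model of the gateway's access decisions (TLS layer not modeled)."""

    def __init__(self):
        self.resources = {}  # resource name -> internal server address (step 1)
        self.users = {}      # username -> (salt, hash); stands in for RADIUS/local auth
        self.sessions = {}   # session token -> username

    def create_resource(self, name, internal_addr):
        # Step 1: the administrator publishes an internal server as a named resource.
        self.resources[name] = internal_addr

    def add_user(self, username, password):
        salt = secrets.token_bytes(16)
        self.users[username] = (salt, self._hash(password, salt))

    @staticmethod
    def _hash(password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

    def login(self, username, password):
        # Step 3: verify the user information; unknown users take the same code path.
        salt, stored = self.users.get(username, (b"\0" * 16, b""))
        if not hmac.compare_digest(self._hash(password, salt), stored):
            return None
        token = secrets.token_urlsafe(32)
        self.sessions[token] = username
        return token

    def access(self, token, resource_name):
        # Step 4: deny by default; never forward to an address the user supplies.
        if token not in self.sessions:
            return ("denied", "not authenticated")
        addr = self.resources.get(resource_name)
        if addr is None:
            return ("denied", "unknown resource")
        return ("forward", addr)


def demo():
    gw = SslVpnGateway()
    gw.create_resource("intranet", "10.0.0.10:80")  # constructed sample values
    gw.add_user("alice", "correct horse")
    return gw, gw.login("alice", "correct horse")
```

Because `access` looks up the target by resource name, a remote user cannot reach an internal address that has no resource defined for it, which is the protection the overview attributes to the gateway.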