Configuring ssl vpn, Feature and hardware compatibility, Ssl vpn overview – H3C Technologies H3C SecPath F1000-E User Manual
Page 347
335
Configuring SSL VPN
To implement SSL VPN, you must perform some configuration in the Web interface and some
configuration at the CLI.
Feature and hardware compatibility
Feature F1000-A-EI/E-SI/S-AI
F1000-E
F5000-A5 Firewall
module
SSL VPN
Yes
Yes
No
No
SSL VPN overview
SSL VPN is a VPN technology based on Secure Sockets Layer (SSL). It works between the transport layer
and the application layer. Using the certificate-based identity authentication, data encryption, and
integrity verification mechanisms that SSL provides, SSL VPN can establish secure connections for
communications at the application layer.
SSL VPN has been widely used for secure, remote web-based access. For example, it can allow remote
users to access the corporate network securely.
shows a typical SSL VPN network. On the SSL
VPN gateway, you can create resources to represent the resources on the servers in the internal network.
To access an internal server, a remote user first needs to establish a Hypertext Transfer Protocol Secure
(HTTPS) connection with the SSL VPN gateway and selects the resources to be accessed. Then, the SSL
VPN gateway forwards the resource access request to the internal server. In the SSL VPN deployed
network, the SSL VPN gateway will establish an SSL connection to a remote user and then authenticate
the user before allowing the user to access an internal server, protecting the internal servers.
Figure 214 Network diagram for SSL VPN configuration
- H3C SecPath F5000-A5 Firewall H3C SecPath F1000-A-EI H3C SecPath F1000-E-SI H3C SecPath F1000-S-AI H3C SecPath F5000-S Firewall H3C SecPath F5000-C Firewall H3C SecPath F100-C-SI H3C SecPath F1000-C-SI H3C SecPath F100-A-SI H3C SecBlade FW Cards H3C SecBlade FW Enhanced Cards H3C SecPath U200-A U200-M U200-S H3C SecPath U200-CA U200-CM U200-CS