Configuring the ssl vpn service – H3C Technologies H3C SecPath F1000-E User Manual

Page 396

384

Figure 270 Network diagram

NOTE:

Before performing the following configurations, make sure that:

•

The SSL VPN gateway, the CA, and the hosts used by remote users can reach each other.

•

The CA is enabled with the CA service and can issue certificates to the SSL VPN gateway and the hosts.

•

The RADIUS server is properly configured to provide normal authentication function for users. In this
example, you need to configure the shared key as expert, configure the user account and user group

information, and add users to user group user_gr2.

Configuring the SSL VPN service

Request a certificate for the SSL VPN gateway:
# Configure a PKI entity named en.

Select VPN > Certificate Management > Entity from the navigation tree.

Click Add to add a PKI entity.

Figure 271 Configuring a PKI entity named en

This manual is related to the following products:

H3C SecPath F5000-A5 Firewall H3C SecPath F1000-A-EI H3C SecPath F1000-E-SI H3C SecPath F1000-S-AI H3C SecPath F5000-S Firewall H3C SecPath F5000-C Firewall H3C SecPath F100-C-SI H3C SecPath F1000-C-SI H3C SecPath F100-A-SI H3C SecBlade FW Cards H3C SecBlade FW Enhanced Cards H3C SecPath U200-A U200-M U200-S H3C SecPath U200-CA U200-CM U200-CS