R3721-F3210-F3171-HP High-End Firewalls VPN Configuration Guide-6PW101
334
Task Remarks
Configuring local users
Required.
Configure local SSL VPN users—users that need to pass local
authentication to log in to the SSL VPN system.
By default, a local user named guest (without a password) exists, in
denied state.
Configuring a user group
Required.
Configure a user group, add local users to the user group, and
select the resource groups that the user group can access.
By default, a user group named Guests exists, and no users and
resource groups are assigned for it.
IMPORTANT:
You can also add a local user to existing user groups when creating
the local user.
Viewing user information
Optional.
View the online user information and the history user information,
and log out online users.
Performing basic configurations for the
SSL VPN domain
Optional.
Configure the domain policy, caching policy, and bulletin
information for the SSL VPN domain.
Configuring authentication policies
Optional.
Configure authentication methods and authentication parameters
for an SSL VPN domain.
IMPORTANT:
Local authentication is always enabled. To use other
authentication methods, you need to manually enable them.
Configuring a security policy
Optional.
Configure the check items and protected resources for a security
policy. Only user hosts that pass the security policy's check can
access the configured resources.
IMPORTANT:
To perform security check for user hosts, you must also enable
security check in the domain policy.
Partially customizing the SSL VPN
interface
Optional.
Customize service interfaces for SSL VPN users.
Fully customizing the SSL VPN interface
Configuring the SSL VPN service
Before you configure the SSL VPN service, go to VPN > Certificate Management to configure a PKI
domain and get a certificate for the SSL VPN gateway. An administrator or user uses the certificate to
authenticate the SSL VPN gateway to avoid logging in to an invalid SSL VPN gateway. For more
information about certificates, see "Managing Certificates."