The SSL VPN-Plus services for a vCloud Director environment's edge gateway enable remote users to connect securely to the private networks and applications in the organization virtual datacenters backed by that edge gateway. If the edge gateway for your organization virtual datacenter has been converted to an advanced edge gateway, you can use the tenant portal's SSL VPN-Plus screen to configure various SSL VPN-Plus services on the edge gateway.

In your vCloud Director environment, the edge gateway's SSL VPN-Plus capability supports network access mode. Remote users must install an SSL client to make secure connections and access the networks and applications behind the edge gateway. As part of the edge gateway's SSL VPN-Plus configuration, you add the installation packages for the operating system and configure certain parameters. See Add an SSL VPN-Plus Client Installation Package for details.

Configuring SSL VPN-Plus on an edge gateway is a multi-step process.

For the ability to use the vCloud Director tenant portal to work with an edge gateway's settings, the edge gateway must have already been converted to an advanced edge gateway using the Convert to Advanced Gateway action on the edge gateway in the vCloud Director Web console. See the vCloud Director Administrator's Guide for details.

Verify that all of the SSL certificates needed for the SSL VPN-Plus have been added to the tenant portal's Certificates screen. See SSL Certificate Management Using the Tenant Portal.

Note

On an edge gateway, port 443 is the default port for HTTPS. For the SSL VPN functionality, the edge gateway's HTTPS port must be accessible from external networks. The SSL VPN client requires the edge gateway IP address and port that are configured in the Server Settings screen on the tenant portal's SSL VPN-Plus tab be reachable from the client system. See Configure SSL VPN Server Settings.

1

If the edge gateway for your vCloud Director organization virtual datacenter has been converted to an advanced edge gateway, you can navigate to the vCloud Director tenant portal's SSL-VPN Plus screen to begin configuring the SSL-VPN Plus service for that edge gateway.

2

These server settings configure the SSL VPN server, such as the IP address and port the service listens on, the service's cipher list, and its service certificate. When connecting to the edge gateway, remote users specify the same IP address and port you set in these server settings.

3

The remote users are assigned virtual IP addresses from the static IP pools that you configure using the IP Pools screen on the vCloud Director tenant portal's SSL VPN-Plus tab.

4

Use the Private Networks screen on the vCloud Director tenant portal's SSL VPN-Plus tab to configure the private networks. The private networks are the ones you want the VPN clients to have access to, when the remote users connect using their VPN clients and the SSL VPN tunnel. The enabled private networks will be installed in the routing table of the VPN client.

5

Use the Authentication screen on the vCloud Director tenant portal's SSL VPN-Plus tab to set up a local authentication server for the edge gateway's SSL VPN service and optionally enable client certificate authentication. This authentication server is used to authenticate the connecting users. All users configured in the local authentication server will be authenticated.

6

Use the Users screen on the vCloud Director tenant portal's SSL VPN-Plus tab to add accounts for your remote users to the local authentication server for the edge gateway's SSL VPN service.

7

Use the Installation Packages screen on the vCloud Director tenant portal's SSL VPN-Plus tab to create named installation packages of the SSL VPN-Plus client for the remote users.

8

Use the Client Configuration screen on the vCloud Director tenant portal's SSL VPN-Plus tab to customize the way the SSL VPN client tunnel responds when the remote user logs in to SSL VPN.

9

By default, the system sets some SSL VPN-Plus settings on an edge gateway in your vCloud Director environment. You can use the General Settings screen on the vCloud Director tenant portal's SSL VPN-Plus tab to customize these settings.