Advanced Networking Services Guide
Table Of Contents
- vCloud Air Advanced Networking Services Guide
- Contents
- Preface
- Introducing Advanced Networking Services for vCloud Air
- Advanced Routing for vCloud Air
- Certificate and Security Group Management
- Network Security and Isolation
- Load Balancing
- Secure Access Using Virtual Private Networks
- IP Service Management: NAT and DHCP
- Index
5 Add an Installation Package on page 56
Create an installation package of the SSL VPN-Plus client for the remote user.
6 Add an SSL VPN-Plus User on page 57
Add a remote user to the local database.
7 Add a Web Resource for SSL VPN-Plus Access on page 58
Add a server that the remote user can connect to via a Web browser.
8 Edit Client Configuration on page 59
You can change the way the SSL VPN client tunnel responds when the remote user logs in to SSL
VPN.
9 Add a Script on page 60
You can add multiple login or logoff scripts. For example, you can bind a login script for starting
Internet Explorer with gmail.com; when a remote user logs in to the SSL client, Internet Explorer
opens gmail.com.
10 Edit the Default SSL VPN-Plus Settings on page 60
You can edit the default VPN settings.
11 Customize the Portal Design on page 61
You can edit the client banner bound to the SSL VPN client.
Configure Server Settings
You must add SSL VPN server settings to enable SSL on an edge gateway interface.
To connect to the edge gateway in vCloud Air, remote users specify the IP address and port number you set
in this procedure.
If your edge gateway is configured with multiple, overlay IP address networks on its external interface, the
IP address you select might be different from the default external interface of the edge gateway.
While configuring server settings, you must choose which encryption algorithms to use for the SSL VPN
tunnel. You can choose one or multiple ciphers to support; VMware recommends you be aware of the
strength and weakness of the ciphers you select.
Specify an identity certificate for the SSL VPN tunnel. You can choose to use the default, self-signed
certificate that the Advanced Networking Services generates for each edge gateway or you can specify an
externally-generated digital certificate.
Prerequisites
If you choose to use a certificate other than the default certificate, import the required certificate into
vCloud Air. See “Add a Certificate,” on page 25 for information.
Procedure
1 Log in to vCloud Air and navigate to the vCloud Edge Gateway Services UI.
See “Log In and Navigate to Advanced Networking Services,” on page 9 for information.
2 Click the SSL VPN-Plus tab and Server Settings.
3 Click Change next to Server Settings.
The Change Service Settings dialog box appears.
4 Select an IPv4 or an IPv6 address.
Chapter 6 Secure Access Using Virtual Private Networks
VMware, Inc. 51