Kerio clientless ssl-vpn, Configuration of winroute's ssl-vpn, Configuration of winroute’s ssl-vpn – Kerio Tech Firewall6 User Manual

363

Chapter 24

Kerio Clientless SSL-VPN

Kerio Clientless SSL-VPN (thereinafter “SSL-VPN”) is a special interface used for secured remote

access to shared items (files and folders) in the network protected by WinRoute via a web

browser.

To a certain extent, the SSL-VPN interface is an alternative to Kerio VPN Client (see chapter

23

).

Its main benefit is that it enables an immediate access to a remote network from any location

without any special application having been installed and any configuration having been per-

formed (that’s the reason for calling it clientless). The main disadvantage of this alternative is

that network connections are not transparent. SSL-VPN is, in a manner, an alternative to the

My Network Places system tool ) — it does not enable access to web servers or other services

in a—remote network.

SSL-VPN is suitable for an immediate access to shared files in remote networks in such envi-

ronments where it is not possible or useful to use Kerio VPN Client.

24.1 Configuration of WinRoute’s SSL-VPN

Usage of SSL-VPN is conditioned by membership of the WinRoute host in the corresponding

domain (Windows NT or Active Directory). User accounts that will be used for connections to

SSL-VPN must be authenticated at the domain (it is not possible to use local authentication).

This implies that SSL-VPN cannot be used for accessing shared items in multiple domains or

to items at hosts which are not members of any domain.

SSL-VPN configuration

The SSL-VPN interface can be enabled/disabled on the Web Interface → SSL-VPN in the Config-
uration → Advanced Options section.

Figure 24.1

Configuration of the SSL-VPN interface