Create an SSL server
Overview
This topic describes how to create an SSL server. Before you can create an SSL-VPN connection, you must create an SSL server.
Procedure
- In the left-side navigation pane, choose VPN > SSL Servers.
- On the SSL Servers page, click Create SSL Server.
- On the Create SSL Server page, set the following parameters and click Submit:
Parameter | Description |
---|---|
Organization | Select the organization to which the IPsec-VPN connection belongs. |
Resource Set | Select the resource set to which the SSL server belongs. |
Region | Select the region where you want to deploy the SSL server. |
Zone | Select the zone where you want to deploy the SSL server. |
Name | Enter a name for the SSL server. The name must be 2 to 100 characters in length, and can contain digits, underscores (_), and hyphens (-). It must start with a letter. |
VPN Gateway | Select the VPN gateway that you want to associate with the SSL server. |
Local CIDR Block | Enter the CIDR block that the client needs to access through the SSL-VPN connection. It can be the CIDR block of a virtual private cloud (VPC), a VSwitch, a data center connected to a VPC through an Express Connect circuit, or a cloud service such as RDS or Object Storage Service (OSS). You can enter multiple local CIDR blocks. Separate local CIDR blocks with commas (,). Note: The subnet mask of the specified CIDR block must be 16 to 29 bits in length. |
Client CIDR Block | Enter the CIDR block from which an IP address is allocated to the virtual network interface controller (NIC) of the client. Do not enter the private CIDR block of the client. When the client accesses the destination network through an SSL-VPN connection, the VPN gateway allocates an IP address from the client CIDR block to the client. Note: Make sure that the local CIDR block and the client CIDR block do not overlap with each other. |
Advanced Settings | Select the type of advanced settings. Default: Use the default settings. Configure: Use custom settings. You can set the following parameters: · Protocol: Select a protocol for the SSL-VPN connection. Valid values: UDP (default) and TCP. · Port: Specify the port used by the SSL-VPN connection. Default value: 1194. You cannot use the following port numbers: 22, 2222, 22222, 9000, 9001, 9002, 7505, 80, 443, 53, 68, 123, 4510, 4560, 500, and 4500. · Encryption Algorithm: Select the encryption algorithm used by the SSL-VPN connection. Valid values: AES-128-CBC (default), AES-192-CBC, AES-256-CBC, and none. · Compressed: Specify whether to compress the data that is transmitted over the SSL-VPN connection. Default value: No. |
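
The rules in the parameter table can be checked before the values are submitted. The following Python check is an added example, not part of the product or its documentation; the function name `check_ssl_server`, the sample values, the reading of "letter" as an ASCII letter and the requirement that CIDR host bits be zero are assumptions. It also reports the encryption algorithm `none`, because that value leaves the tunnel traffic unencrypted.

```python
import ipaddress
import re

# Ports the parameter table lists as unavailable.
BLOCKED_PORTS = {22, 2222, 22222, 9000, 9001, 9002, 7505, 80, 443,
                 53, 68, 123, 4510, 4560, 500, 4500}
CIPHERS = {"AES-128-CBC", "AES-192-CBC", "AES-256-CBC", "none"}
# Assumption: "letter" means an ASCII letter, and letters may appear anywhere.
NAME_RE = re.compile(r"[A-Za-z][A-Za-z0-9_-]{1,99}")


def check_ssl_server(name, local_cidrs, client_cidr,
                     protocol="UDP", port=1194, cipher="AES-128-CBC"):
    """Return a list of findings; an empty list means every rule passed."""
    findings = []
    if not NAME_RE.fullmatch(name):
        findings.append("name: must be 2-100 chars and start with a letter")
    local_nets = []
    for item in (s.strip() for s in local_cidrs.split(",")):
        try:
            net = ipaddress.ip_network(item)  # assumption: host bits must be zero
        except ValueError:
            findings.append(f"local CIDR {item}: not a valid network")
            continue
        if not 16 <= net.prefixlen <= 29:
            findings.append(f"local CIDR {item}: mask must be 16 to 29 bits")
        local_nets.append(net)
    try:
        client = ipaddress.ip_network(client_cidr.strip())
    except ValueError:
        findings.append(f"client CIDR {client_cidr}: not a valid network")
    else:
        for net in local_nets:
            if client.overlaps(net):
                findings.append(f"client CIDR {client} overlaps local {net}")
    if protocol not in {"UDP", "TCP"}:
        findings.append(f"protocol {protocol}: must be UDP or TCP")
    if not 1 <= port <= 65535 or port in BLOCKED_PORTS:
        findings.append(f"port {port}: out of range or not allowed")
    if cipher not in CIPHERS:
        findings.append(f"cipher {cipher}: not a valid value")
    elif cipher == "none":
        findings.append("cipher none: tunnel traffic is sent unencrypted")
    return findings


# Constructed sample values, not taken from the page.
GOOD = check_ssl_server("ssl-srv_01", "192.168.0.0/16,172.16.8.0/24", "10.10.0.0/24")
BAD = check_ssl_server("1srv", "10.0.0.0/8,192.168.1.0/24", "192.168.1.128/25",
                       protocol="TCP", port=443, cipher="none")
```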