VMware SSLVPN Configuration

In this blog we will walk through the VMware SSLVPN configuration.

Log in to the vCenter Server vSphere Web Client.

Note: In VMware version 6.7, Web Client access is available in HTML5 and Flex. Log in with the Flex option so that the SSLVPN tab is visible on the NSX Edges. In HTML5, the SSLVPN tab will not be visible.

From Home, navigate to Networking & Security > NSX Edges, double-click the NSX Edge, then go to Manage > SSL VPN-Plus > Server Settings and click Change.

Provide the IP address (the Edge uplink interface IP will be used as the SSLVPN IP) and the port number, and select a certificate (optional); otherwise check Use Default Certificate. Click OK.

Add an IP Pool. An IP Pool is a range of virtual IP addresses that will be assigned to remote users when they are connected to the VPN.

Click Add +.

Enter the network range (Start and End), Gateway address, DNS address and DNS suffix, and click OK.

Note: Routing information for this IP Pool range should be added to the physical network devices so that communication between remote users and the organization over the VPN works.

Add the private network range of the Organisation that should be accessible to the remote users when connected to the VPN.

Under Private Networks, click Add +.

Type the private network IP address.
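The IP Pool note above asks for the pool range to be routed on the physical network. The following is an added example, not part of the original post: it turns a Start/End range into the exact prefixes to route and flags Private Networks entries that share addresses with the pool. All addresses are constructed, the next hop is assumed to be an Edge interface reachable from the physical network, and the overlap check is a sanity check added here rather than a step from the post.

```python
import ipaddress


def pool_routes(start, end):
    """Smallest set of CIDR prefixes that covers exactly start..end of the IP Pool."""
    first, last = ipaddress.ip_address(start), ipaddress.ip_address(end)
    if first.version != last.version or first > last:
        raise ValueError("pool start and end must be the same IP version, start <= end")
    return list(ipaddress.summarize_address_range(first, last))


def overlapping_private_networks(start, end, private_networks):
    """Private Networks entries that share addresses with the IP Pool."""
    routes = pool_routes(start, end)
    hits = []
    for cidr in private_networks:
        net = ipaddress.ip_network(cidr, strict=False)
        if any(net.overlaps(route) for route in routes):
            hits.append(str(net))
    return hits


def route_plan(start, end, next_hop):
    """Static routes for the physical devices, as (prefix, next hop) pairs."""
    ipaddress.ip_address(next_hop)  # validate the address format only
    return [(str(route), next_hop) for route in pool_routes(start, end)]


# Constructed sample values (not from the post)
POOL_START, POOL_END = "10.10.50.10", "10.10.50.60"
EDGE_NEXT_HOP = "10.10.1.1"  # assumed Edge interface facing the physical network
PRIVATE_NETWORKS = ["10.10.20.0/24", "10.10.50.0/24"]

if __name__ == "__main__":
    for prefix, hop in route_plan(POOL_START, POOL_END, EDGE_NEXT_HOP):
        print(f"route {prefix} via {hop}")
    clash = overlapping_private_networks(POOL_START, POOL_END, PRIVATE_NETWORKS)
    print("pool overlaps private networks:", clash or "none")
```

A pool that is not aligned to a subnet boundary expands into several prefixes, so choosing an aligned Start and End keeps the routing entries on the physical devices short.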

Authentication enables authorised remote users to log in to SSLVPN using their credentials. SSL VPN supports local, AD, LDAP, RADIUS, or RSA authentication types.

Note: We must create an AD user in Active Directory Users & Computers before configuring these options. The user can have only Domain Users group membership.

Under Authentication, click Add +.

Configure the parameters and Click OK.

Note: Search Base is the path under which the users that need to be authenticated during SSLVPN login are created, and Bind DN is the path of the service account created to have access to AD for authentication.

Example –

Search Base – OU=SSLUsers, DC=CORP,DC=COM – This indicates ALL users in the SSLUsers OU can be authenticated for the remote access

Bind DN – CN=SSLVPN,OU=SSLUsers,DC=CORP,DC=COM – SSLVPN is the service account created in the OU to access the AD server and authenticate the incoming remote access.
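Because every user under the Search Base can be authenticated for remote access, it is worth checking which accounts the two DNs actually put in scope. The following is an added example, not part of the original post: it parses the DNs and reports when the bind account itself sits under the Search Base, as it does in the example values above. The OU=ServiceAccounts DN is constructed, and the domain-root finding assumes the server searches the whole subtree below the Search Base.

```python
def split_dn(dn):
    """Split a DN into normalised 'attr=value' RDNs, honouring backslash escapes."""
    parts, buf, i = [], [], 0
    while i < len(dn):
        if dn[i] == "\\" and i + 1 < len(dn):  # escaped char, e.g. "\," inside a CN
            buf.append(dn[i:i + 2])
            i += 2
            continue
        if dn[i] == ",":                       # unescaped comma ends an RDN
            parts.append("".join(buf))
            buf = []
        else:
            buf.append(dn[i])
        i += 1
    parts.append("".join(buf))
    rdns = []
    for part in parts:
        attr, sep, value = part.partition("=")
        if not sep or not attr.strip() or not value.strip():
            raise ValueError(f"malformed RDN: {part!r}")
        # AD compares DNs case-insensitively; spaces around RDNs are not significant
        rdns.append(f"{attr.strip().lower()}={value.strip().lower()}")
    return rdns


def is_under(dn, base):
    """True if dn equals base or sits anywhere beneath it in the directory tree."""
    rdns, base_rdns = split_dn(dn), split_dn(base)
    return len(rdns) >= len(base_rdns) and rdns[-len(base_rdns):] == base_rdns


def review_auth_server(search_base, bind_dn):
    """Return findings about who the Search Base puts in scope for VPN login."""
    findings = []
    if is_under(bind_dn, search_base):
        findings.append("bind account is inside the Search Base and is itself in scope for VPN login")
    if not any(r.startswith(("ou=", "cn=")) for r in split_dn(search_base)):
        findings.append("Search Base is the domain root: every user in the domain is in scope")
    return findings


SEARCH_BASE = "OU=SSLUsers, DC=CORP,DC=COM"             # from the post's example
BIND_DN = "CN=SSLVPN,OU=SSLUsers,DC=CORP,DC=COM"        # from the post's example
SEPARATE_BIND_DN = "CN=SSLVPN,OU=ServiceAccounts,DC=CORP,DC=COM"  # constructed

if __name__ == "__main__":
    for bind in (BIND_DN, SEPARATE_BIND_DN):
        print(bind, "->", review_auth_server(SEARCH_BASE, bind) or "no findings")
```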

The Installation Package section enables remote users to download the SSLVPN client software and connect.

Note: The Edge uplink interface must be mapped to the public IP address that will be used as the SSL VPN IP address for remote users.

Under Installation Package, click Add +.

Provide the profile name. Under Gateway, enter the IP or FQDN of the public IP address of the NSX Edge, enter the port number, and click OK.

Users – User accounts can be created here if Local Authentication is selected in the Authentication section.

Other sections can be left with their default options.

Finally enable the SSLVPN Service.

Click Yes to start the service.

Testing the SSLVPN

Log in to the public IP to download the SSLVPN package. Provide the AD user name and password and click Login.

Click the VPN profile name to download the VPN client.

Click the hyperlink (Click Here) to download the SSLVPN Profile.

The downloaded package will be a .zip file. Extract it and run Installer.exe.

Click Yes to continue.

Once installed, a shortcut will be created. Click the shortcut; the profile name will be displayed. Click Login to log in with AD credentials.

Accept the security alert.

Enter the credentials and click OK.

The SSLVPN connection is now established. You can also check the system tray to see the VPN icon with the status shown as connected.

This VMware SSLVPN Configuration blog has the step-by-step details; we hope you like it. If you require any details, you can comment below.

2 Replies to “VMware SSLVPN Configuration”

  1. Have you ever seen issues with accounts with expired passwords not being able to reset the password through the client? Using AD Authentication Service.

    Thanks.
