SSL WEB Application

2»

All Replies

  • RapidEye_IT
    RapidEye_IT Posts: 8  Freshman Member
    First Answer First Comment Friend Collector First Anniversary
    edited February 2021
    L2TP/IPSEC would be the best VPN to implement when an application for SSL VPN cannot be installed or if you want to use the native VPN client built-in to the operating system. For instance, I've configured the L2TP over IPSEC VPN so that I can connect to my local network through my android over cellular network through the ZYXEL. Always on VPN works in this config. I am still using a ZYXEL USG60. There are instructions provided by ZYXEL on how to set up L2TP over IPSEC

    If you require port 443 open for an SSL web application, and you still must use SSL VPN, then you must configure the SSL port in the ZYXEL's web server to a different port, and then configure SecuExtender to use the other new port. This way port 443 can be forwarded to your actual web server and not the ZYWALL itself. Keep in the mind that you need to adjust your Security Policy for the new port plus the NAT rule.
    NOTE:I don't recommend this approach due to the SecuExtender for MAC having a glitch in the address port suffix but it still works. More importantly, the whole point in using VPN over SSL is for compatibility in public places that only permit port 443, such as an airport
  • SyoSilIT
    SyoSilIT Posts: 3  Freshman Member
    First Comment Friend Collector
    @RapidEye_IT
    Thank you for your reply but the scenario is still that I cannot do anything on the laptop I have. I do not have administration rights or anything so the only way would be using the SSL web app solution. I agree moving the SSL VPN to a another port is a bad idea as this would break access in some places.

Security Highlight