SSL VPN is an SSL-based VPN remote access technology. As a lightweight remote access solution, SSL VPN enables mobile office users to securely and efficiently access intranet resources from outside the enterprise.
The device provides local authentication, server authentication, and certificate authentication for SSL VPN users. Users need to use HTTPS to access the SSL VPN authentication page and intranet resources. The SSL tunnel encrypts and checks the data to be transmitted, which ensures communication security between the client and device.
SSL VPN requires that users use HTTPS for access. The SSL tunnel encrypts and checks the data to be transmitted between the client and device to prevent information from being revealed or tampered with.
In local authentication, you can set whether users are forced to change their passwords upon first login. The device also supports a password validity period reminder and an expiration reminder in local authentication. When a password is about to expire, the system prompts the user to change the password. Passwords of local users are encrypted using PBKDF2 and then stored in a database.
system-view
v-gateway gateway
basic
certificate-server aaa.p12 enable
quit
By default, the device sends the default certificate to the user. However, the user cannot verify its validity because the certificate is user-defined, not issued by a trusted Certificate Authority (CA). You are advised to apply to the CA for the device certificate and CA certificate, then import the device certificate to the device and the CA certificate to the user's browser.
Set the password strength to high (users must comply with this requirement when changing a password), require users to change their password upon first login (local authentication only), and set the password validity period and expiry reminder.
password-policy level high firstmodify enable lefttime 60 alarmtime 15
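The local-authentication behaviour described above (PBKDF2 storage, forced change on first login, validity period and expiry reminder), as an added example that is not the device's own code. The hash function, salt size, iteration count and the reading of lefttime 60 and alarmtime 15 as days are assumptions; the page does not state them.

```python
import hashlib
import hmac
import os
from datetime import timedelta

# Assumed parameters: the page names PBKDF2 only, not the hash, salt or iterations.
ITERATIONS = 600_000
LEFTTIME = timedelta(days=60)   # "lefttime 60", unit assumed to be days
ALARMTIME = timedelta(days=15)  # "alarmtime 15", unit assumed to be days


def hash_password(password, salt=None):
    """Return (salt, derived key); only these are stored, never the password."""
    salt = salt or os.urandom(16)
    key = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, key


def new_user(password, now):
    """Create a local user record flagged for a forced first-login change."""
    salt, key = hash_password(password)
    return {"salt": salt, "key": key, "changed": now, "first_login": True}


def login(user, password, now):
    """Return 'denied', 'must-change', 'expired', 'expiring' or 'ok'."""
    _, key = hash_password(password, user["salt"])
    if not hmac.compare_digest(key, user["key"]):  # constant-time comparison
        return "denied"
    if user["first_login"]:
        return "must-change"
    age = now - user["changed"]
    if age >= LEFTTIME:
        return "expired"
    if age >= LEFTTIME - ALARMTIME:  # inside the reminder window
        return "expiring"
    return "ok"


def change_password(user, new_password, now):
    """Re-salt and re-derive on every change, and restart the validity period."""
    user["salt"], user["key"] = hash_password(new_password)
    user["changed"], user["first_login"] = now, False
```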