Create an SSL server
Overview
This topic describes how to create an SSL server. Before you can create an SSL-VPN connection, you must create an SSL server.
Procedure
- On the VPN Gateways page, click the SSL Servers tab.
- On the SSL Servers page, click the Create SSL Server button.
- In the Create SSL Server section, configure the parameters.
Parameter | Description |
---|---|
Organization | Select the organization to which the IPsec-VPN connection belongs. |
Resource Set | Select the resource set to which the SSL server belongs. |
Region | Select the region where you want to deploy the SSL server. |
Zone | Select the zone where you want to deploy the SSL server. |
Name | Enter a name for the SSL server. The name must be 2 to 100 characters in length, and can contain digits, underscores (_), and hyphens (-). It must start with a letter. |
VPN Gateway | Select the VPN gateway that you want to associate with the SSL server. |
Local CIDR Block | Enter the CIDR block that the client needs to access through the SSL-VPN connection. It can be the CIDR block of a virtual private cloud (VPC), a vSwitch, a data center connected to a VPC through an Express Connect circuit, or a cloud service such as RDS or Object Storage Service (OSS). You can enter multiple local CIDR blocks. Separate local CIDR blocks with commas (,). Note: The subnet mask of the specified CIDR block must be 16 to 29 bits in length. |
Client CIDR Block | Enter the CIDR block from which an IP address is allocated to the virtual network interface controller (NIC) of the client. Do not enter the private CIDR block of the client. When the client accesses the destination network through an SSL-VPN connection, the VPN gateway allocates an IP address from the client CIDR block to the client. Note: Make sure that the local CIDR block and the client CIDR block do not overlap with each other. |
Advanced Settings | Select the type of advanced settings. Default: Use the default settings. Configure: Use custom settings. You can set the following parameters: ● Protocol: Select a protocol for the SSL-VPN connection. Valid values: UDP (default) and TCP. ● Port: Specify the port used by the SSL-VPN connection. Default value: 1194. You cannot use the following port numbers: 22, 2222, 22222, 9000, 9001, 9002, 7505, 80, 443, 53, 68, 123, 4510, 4560, 500, and 4500. ● Encryption Algorithm: Select the encryption algorithm used by the SSL-VPN connection. Valid values: AES-128-CBC (default), AES-192-CBC, AES-256-CBC, and none. ● Compressed: Specify whether to compress the data that is transmitted over the SSL-VPN connection. Default value: No. |
- On the Create SSL Server page, click the Submit button.
- After the SSL server is created, its status is updated as shown.
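The constraints in the parameter table can be checked before the form is submitted. The following Python sketch is an added example, not code from the product or its documentation. The function name check_ssl_server, the problem labels, the IPv4-only parsing, the 1 to 65535 port range, and the reading of the name rule as also allowing letters after the first character are assumptions.

```python
import ipaddress
import re

# Port numbers the parameter table lists as unavailable.
RESERVED_PORTS = {22, 2222, 22222, 9000, 9001, 9002, 7505, 80, 443,
                  53, 68, 123, 4510, 4560, 500, 4500}
PROTOCOLS = {"UDP", "TCP"}
CIPHERS = {"AES-128-CBC", "AES-192-CBC", "AES-256-CBC", "none"}
# Assumption: letters are allowed after the first character as well.
NAME_RE = re.compile(r"[A-Za-z][A-Za-z0-9_-]{1,99}")


def check_ssl_server(name, local_cidrs, client_cidr, protocol="UDP",
                     port=1194, cipher="AES-128-CBC"):
    """Return a list of problem labels; an empty list means all checks pass."""
    problems = []
    if not NAME_RE.fullmatch(name):
        problems.append("name")
    if protocol not in PROTOCOLS:
        problems.append("protocol")
    # Assumption: valid ports are 1-65535, minus the reserved list.
    if not 1 <= port <= 65535 or port in RESERVED_PORTS:
        problems.append("port")
    if cipher not in CIPHERS:
        problems.append("cipher")
    parsed_locals = []
    for text in local_cidrs.split(","):  # comma-separated, as in the table
        try:
            net = ipaddress.IPv4Network(text.strip(), strict=False)
        except ValueError:
            problems.append(f"local_cidr:{text.strip()}:invalid")
            continue
        if not 16 <= net.prefixlen <= 29:  # mask must be 16 to 29 bits
            problems.append(f"local_cidr:{net}:mask")
        parsed_locals.append(net)
    try:
        client = ipaddress.IPv4Network(client_cidr.strip(), strict=False)
    except ValueError:
        problems.append("client_cidr:invalid")
    else:
        # The client block must not overlap any local block.
        for net in parsed_locals:
            if client.overlaps(net):
                problems.append(f"client_cidr:overlaps:{net}")
    return problems


if __name__ == "__main__":
    # Constructed sample values, not taken from a real deployment.
    print(check_ssl_server("ssl-server-01", "192.168.0.0/16", "10.8.0.0/24"))
    print(check_ssl_server("1bad", "10.0.0.0/8", "10.0.1.0/24", port=443))
```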