Edit the engine-specific SSL VPN Portal settings

You can edit the engine-specific SSL VPN Portal settings in the Engine Editor.

  For more details about the product and how to configure features, click Help or press F1.

Steps

  1. Right-click an engine element, then select Edit <element type>.
  2. Browse to VPN > SSL VPN Portal.
    The SSL VPN Properties pane opens on the right.
  3. Click Select to select the SSL VPN Portal you want to use.
  4. (Optional) To change the SSL cryptographic algorithms used by the SSL VPN Portal, click Select next to the TLS Cryptography Suite Set field, then select a TLS Cryptography Suite Set element.
  5. Click Save and Refresh to transfer the new configuration to the engines.

Engine Editor – VPN – SSL VPN Portal

Use this branch to change settings for the SSL VPN portal on the engine.

Option Definition
SSL VPN Portal Shows the SSL VPN Portal element that is selected for the engine. Click Select to select an SSL VPN Portal element for the engine.
Port (Optional) The port for client connections to the SSL VPN Portal. The default port is 443.
Allowed SSL/TLS Versions The versions of SSL and TLS that are allowed for connections to the SSL VPN Portal.
  • SSL 3.0
  • TLS 1.0
  • TLS 1.1
  • TLS 1.2
TLS Cryptography Suite Set The cryptographic suite for TLS connections to the SSL VPN Portal. Click Select to select a cryptographic suite for TLS connections to the SSL VPN Portal. Do not change the default setting unless you have a specific reason to do so.

TLS Cryptography Suite Set Properties dialog box

Use this dialog box to view the properties of the default TLS Cryptography Suite Set element. Advanced users can create custom TLS Cryptography Suite Set elements if they have a specific reason to do so.

Option Definition
Name Specifies the name of the element.
Comment Adds a comment to the element.
Common Select one or more SSL cryptographic algorithms.
Note: SSL cryptographic algorithms in the Common section are compatible with SSL 3.0, TLS 1.0, TLS 1.1, and TLS 1.2.
  • TLS_RSA_WITH_3DES_EDE_CBC_SHA
  • TLS_RSA_WITH_AES_128_CBC_SHA
  • TLS_RSA_WITH_AES_256_CBC_SHA
  • TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
  • TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
  • TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
  • TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
TLS 1.2 Only Select one or more SSL cryptographic algorithms.
Note: SSL cryptographic algorithms in the TLS 1.2 Only section are only compatible with TLS 1.2.
  • TLS_RSA_WITH_AES_128_GCM_SHA256
  • TLS_RSA_WITH_AES_256_GCM_SHA384
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
  • TLS_RSA_WITH_AES_128_CBC_SHA256
  • TLS_RSA_WITH_AES_256_CBC_SHA256
  • TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
  • TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
  • TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
  • TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384