Enable the SSL VPN Portal

Create and enable the SSL VPN Portal to make the SSL VPN Portal available through one or more firewalls.

Before you begin

You must have an SSL VPN Portal Policy.

For more details about the product and how to configure features, click Help or press F1.

Steps

Select Configuration, then browse to SD-WAN.
Browse to SSL VPN Portal > SSL VPN Portals.
Right-click SSL VPN Portals, then select New SSL VPN Portal.
In the Name field, enter a unique name.

Note: The name must only contain letters, numbers, dashes (-), and underscores (_).The name cannot contain spaces.
Next to the SSL VPN Portal Policy field, click Select, then select an SSL VPN Portal Policy.
Next to the Hostnames table, click Add, then add one or more host names.
Enter the domain name or IP address that the user enters in their web browser to access the SSL VPN Portal.
Next to the Server Credentials table, click Select, then select a TLS Credentials element. Alternatively, select Use Self-Signed Certificate to create and use a self-signed certificate.
On the Look & Feel tab, configure the look and feel settings.
1. In the Title field, enter the title to show in the end user's web browser when they access the SSL VPN Portal webpage.
2. From the Look & Feel drop-down list, select an option, or select Custom to create a customized look and feel for the SSL VPN Portal.
3. If you selected Custom, configure the options.
4. (Optional) To view the changes you have made, select Preview SSL VPN Portal Webpage or Preview SSL VPN Portal Logon Webpage .
On the Target Engine tab, select one or more firewalls for which you want to enable the SSL VPN Portal.
1. Click Add to add a row to the table.
2. Double-click the Target Engine cell, then select the firewall for which you want to enable the SSL VPN Portal.
On the Advanced tab, configure the advanced settings.
Click OK.

Note: After you have created an SSL VPN Portal element, you can enable it in an engine in the Engine Editor.

The SSL VPN Portal is now available through the firewalls that you added to the Target Engine table.

SSL VPN Portal Properties dialog box

Use this dialog box to define the properties of an SSL VPN Portal element.

Option	Definition
General tab
Name	The name of the SSL VPN Portal element. The name must only contain letters, numbers, dashes (-), and underscores (_).The name cannot contain spaces.
SSL VPN Portal Policy	The policy defines the SSL VPN Portal services and access control rules of the portal. Click Select to select an SSL VPN Portal Service Profile.
Hostnames	Domain names and IP addresses of the SSL VPN Portal.
Add	Adds an entry to the Hostnames table.
Remove	Removes the selected entry from the Hostnames table.
Server Credentials	The TLS Credentials selected for the SSL VPN Portal element. The TLS Credentials element contains the private key and the certificate for establishing SSL connections to the SSL VPN Portal. Click Select to select the TLS Credentials element.
Use Self-Signed Certificate	Allows you to create and use a self-signed certificate. Deselect if you want to select a TLS Credentials element.
Remove	Removes the selected entry from the Server Credentials table.
Category	Shows the assigned category. Click Select to include the element in predefined categories.
Comment	Adds a comment to the element.

Option	Definition
Look & Feel tab
Title (Optional)	The title shown in the end user's web browser when they access the SSL VPN Portal webpage.
Look & Feel	Select a Forcepoint default theme or create a custom theme.
SSL VPN Portal Theme	Select a Light or a Dark theme for the SSL VPN Portal. The selection does not affect the appearance of the SSL VPN Logon Page.
Logon Page Background (Optional)	The background image for the SSL VPN Portal Logon page. Click Browse to select the .png file. Click None to remove the previous .png file selection.
Brand Color (Optional)	Allows you to select your company's brand color for the portal.
Company Logo (Optional)	The company logo shown in the SSL VPN Portal. Click Browse to select the .svg file. Click None to remove the previous .svg file selection.
Favicon (Optional)	The icon shown in the end user's web browser when they access the SSL VPN Portal webpage. Click Browse to select the .ico file. Click None to remove the previous .ico file selection.
Preview SSL VPN Portal Logon Webpage	Click to open a preview of the SSL VPN Portal Logon webpage in a web browser.
Preview SSL VPN Portal Webpage	Click to open a preview of the SSL VPN Portal webpage in a web browser.

Option	Definition
Target Engine tab
Target Engine	The VPN Gateway elements that provide SSL VPN Portal access.
Port	The port to use for SSL connections to the SSL VPN Portal. The default port is 443.
Add	Adds an entry to the Target Engine table.
Remove	Removes the selected entry from the Target Engine table.

Option	Definition
Advanced tab
Idle Timeout	Sets the length of idle time before the user is automatically logged out of the SSL VPN Portal.
Session Timeout	Sets the length of the user session before the user is automatically logged out of the SSL VPN Portal.
Log Level for SSL VPN Portal Services	Select one of these options: None — Does not create any log entry. Transient — Creates a log entry that is displayed in the Current Events mode in the Logs view (if someone is viewing it at the moment), but is not stored. Stored — Creates a log entry that is stored on the Log Server. This is the default log level for SSL VPN Portal Services. Essential — Creates a log entry that is shown in the Logs view and saved for further use. Alert — Triggers the alert you add to the Alert field.
Allow Persistent User Sessions (Optional)	When selected, users remain logged on to the SSL VPN Portal even after closing the browser until the defined session timeout is reached.
Allow Empty Referrer in HTTP Headers (Optional)	When selected, web browsers are not required to include referrer information in HTTP headers.
Set to Default	Discards the changes and reverts to the default settings.