Introduction:
This document describes an issue faced by an user where he is not able to access VPN3000 Concentrator over HTTPS/SSL after an upgrade.
What is SSL/HTTPS?
SSL stands for Secure Socket Layer.It is a widely-used protocol which enables the administrator to manage the security of a message while in transmission over Internet.It utilizes a program layer which is between:
- Hypertext Transfer Protocol (HTTP)
- Transport Control Protocol (TCP)
SSL is avilable as an intigrated part of Microsoft and Netscape browsers and majority of web servers. The "sockets" may be defined as a process of allowing data to and fro between a client and a server or between program layers present in the same computer. RSA is used for public-and-private key encryption in SSL, which includes the allowance to use digital certificate.
Resolution
Complete these steps in the VPN 3000 Concentrator to resolve this issue:
1. Select Configuration > Tunneling and Security > SSL > HTTPS.
2. Check Enable HTTPS and ensure that HTTPS Port is set to 443.
3. Select Configuration > Interfaces.
4. Select the Public interface.
5. Go to the Web VPN tab and check Allow Management HTTPS sessions.
6. In the General tab, verify that you have Public (Default) selected for Filter.
7. Select Configuration > Policy Management > Traffic Management > Filters.
8. Select the Public (Default) filter and click Assign Rules to Filter.
9. Verify that you have HTTPS permitted in the Current Rules in Filter list.
If all of these settings are configured properly, regenerate the certificates. Regenerating the certificates should resolve this issue.
For more information on HTTPS access to the VPN Concentrator, refer to Connecting to the VPN Concentrator Using HTTPS section of Using the VPN Concentrator Manager.
