General tab
Enable SSL VPN: Allows enabling SSL VPN and choosing from three options offers in the table below.
| Access only to web servers | Use of the SSL VPN module to access web-based resources. Enables the Web servers tab. |
| Access only to application servers | Use of the SSL VPN module to access resources on a TCP connection. Enables the Application servers tab. |
| Access to both web and application servers | Use of the SSL VPN module to access web-based and TCP-based resources. Enables both the Web servers and Application servers tabs. |
Advanced properties
Access to servers via SSL VPN
| Prefix for the URL root directory | Stormshield Network’s SSL VPN technology enables masking the real addresses of servers to which users are redirected, by rewriting all URLs contained in HTTP pages visited. These URLs will then be replaced by a prefixed followed by 4 digits. This field enables defining the prefix to be used. |
| HTTP header for user ID | This field’s value will be sent to the web server in the HTTP header of outgoing queries, along with the user’s login. This value can be used for checks and/or transparent authentication on the source of the queries. In the event the server to which HTTP traffic is redirected requests authentication, a login can be defined in the header of the HTTP packet. This login may be useful in indicating, for example, that this traffic arriving on the server come from the firewall and can be accepted by the server without authentication. |
Client workstation configuration
| Command executed at startup | This command, which is executed when the applet is launched, allows the administrator to define actions to perform before displaying the applet. For example, this command may launch a script (installed on a server) which will modify the parameters of the user’s mail account in such a way that when the applet is launched, SMTP and POP traffic will be automatically redirected, all without the user’s intervention. |
| Command executed during shutdown | This command, which is launched when the applet is shut down, allows the administrator to define actions to perform before shutting down the applet. For example, this command may launch a script (installed on a server) which will modify the parameters of the user’s mail account in such a way that when the applet is shut down, SMTP and POP traffic will no longer be automatically redirected, all without the user’s intervention. |