Specific characteristics of the Stormshield SSL VPN client
This section presents some of the specific characteristics of the Stormshield SSL VPN client.
Compatible versions and operating systems
For more information on operating systems and compatible versions, refer to the section SSL VPN Client in the Network Security & Tools Product Life Cycle document.
Ports and protocols
In a default configuration, the Stormshield SSL VPN client must be able to contact the following ports to set up connections.
| Source | Destination | Protocol/Port (default) | Purpose of the connection |
|---|---|---|---|
|
Client (SSLVPNService) Stormshield mode only |
SNS firewall | TCP/443 (captive portal) |
Retrieving the VPN configuration and sending information to the SNS firewall to verify the compliance of the client workstation (ZTNA) |
| Client (OpenVPN) | SNS firewall | UDP/1194 (SSL VPN) |
Setting up the connection |
| Client (OpenVPN) | SNS firewall | TCP/443 (SSL VPN) |
Setting up the connection (compatibility) |
To set up a connection with the SNS firewall, the Stormshield SSL VPN client always uses UDP first to ensure optimal performance. This sequence is defined in the VPN configuration file provided by the SNS firewall.
Running scripts (Windows only)
The Windows Stormshield SSL VPN client can automatically run scripts on the user's workstation every time a connection is opened or closed.
The SNS firewall provides these scripts to the Stormshield SSL VPN client. These scripts have to be added to the configuration of the SNS firewall’s SSL VPN service. For more information, refer to the SSL VPN administration guide for SNS firewalls and Stormshield SSL VPN clients.
Limitations and explanations on usage
For more information, refer to the section Limitations and explanations on usage in the Stormshield SSL VPN Client v5 Release Notes.