SSL VPN is a VPN technology based on HTTPS (Secure HTTP, that is, HTTP running over SSL), which works between the transport layer and the application layer. SSL VPN makes full use of the certificate-based authentication, data encryption and message integrity verification mechanisms provided by the SSL protocol, and can establish a secure connection for communication between application layers.
SSL VPN is the simplest and most secure solution for remote users to access the company’s sensitive data. Compared with the more complex IPSec VPN, SSL VPN offers a relatively simple way to set up remote connections. SSL VPN can be used from any machine that has a browser installed. Because SSL is built into the browser, there is no need to install client software on each client, as a traditional IPSec VPN requires.
SSL VPN is widely used for web-based secure remote access, protecting users’ remote access to the company’s internal network. The administrator creates, on the SSL VPN gateway, the resources that correspond to servers in the enterprise network. When a remote access user wants to reach a server in the enterprise network, the user first establishes an HTTPS connection with the SSL VPN gateway and selects the resource to be accessed; the SSL VPN gateway then forwards the resource access request to the server in the enterprise network. SSL VPN protects servers in the enterprise network in two ways: an SSL connection is established between the remote access user and the SSL VPN gateway, and the SSL VPN gateway authenticates users.
The working mechanism of SSL VPN is as follows:
(1) The administrator logs in to the web management interface of the SSL VPN gateway over HTTPS and creates resources corresponding to the servers on the SSL VPN gateway.
(2) The remote access user establishes an HTTPS connection with the SSL VPN gateway. Through the certificate-based authentication function provided by SSL, the SSL VPN gateway and the remote access user can verify each other’s identities.
(3) After the HTTPS connection is successfully established, the user logs in to the web page of the SSL VPN gateway, enters the user name, password, and authentication method (such as RADIUS authentication), and the SSL VPN gateway verifies whether the user’s information is correct.
(4) After logging in successfully, the user can see the resources they are allowed to access on the web page and sends the access request to the SSL VPN gateway through the SSL connection.
(5) The SSL VPN gateway parses the request, interacts with the server, and sends the response back to the user.
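The five steps above can be modelled as the access decisions the gateway makes. This is an added example, not code from the original article or from any vendor: the class and function names, the `peer_cert_verified` flag (standing in for the SSL certificate check in step 2), the local password store (standing in for RADIUS) and the 10.0.0.x addresses are all constructed assumptions.

```python
import hashlib, hmac, secrets

class SslVpnGateway:
    """Toy model of the gateway's decisions; the SSL handshake itself is out of scope."""
    def __init__(self):
        self.resources = {}  # resource name -> (internal URL, users allowed to use it)
        self.users = {}      # user name -> (salt, password hash)
        self.sessions = {}   # session token -> user name

    @staticmethod
    def _hash(password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

    def add_user(self, user, password):
        salt = secrets.token_bytes(16)
        self.users[user] = (salt, self._hash(password, salt))

    def create_resource(self, name, internal_url, allowed):   # step (1)
        self.resources[name] = (internal_url, frozenset(allowed))

    def login(self, user, password, peer_cert_verified):      # steps (2) and (3)
        if not peer_cert_verified or user not in self.users:
            return None
        salt, stored = self.users[user]
        if not hmac.compare_digest(stored, self._hash(password, salt)):
            return None
        token = secrets.token_urlsafe(32)
        self.sessions[token] = user
        return token

    def list_resources(self, token):                          # step (4)
        user = self.sessions.get(token)
        return sorted(n for n, (_, ok) in self.resources.items() if user in ok)

    def forward(self, token, name, backend):                  # step (5)
        # The user names a resource, never an internal address; the gateway
        # resolves it, so it cannot be used as an open proxy into the network.
        user, entry = self.sessions.get(token), self.resources.get(name)
        if user is None or entry is None or user not in entry[1]:
            return (403, "denied")
        return (200, backend(entry[0]))  # backend: stand-in for the internal HTTP call

def build_demo_gateway():
    """Constructed sample data: two users, two admin-created resources."""
    gw = SslVpnGateway()
    gw.add_user("alice", "correct horse")
    gw.add_user("bob", "hunter2")
    gw.create_resource("wiki", "http://10.0.0.5/wiki", {"alice", "bob"})
    gw.create_resource("payroll", "http://10.0.0.9/payroll", {"bob"})
    return gw
```
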
The above is the working mechanism of Cisco CCIE network security technology SSL VPN.