WebVPN

From Wiki of WFilter NG Firewall
(Difference between revisions)
Jump to: navigation, search
(Contents Settings)
Line 46: Line 46:
 
** Domain: subdomain for this internal web service.
 
** Domain: subdomain for this internal web service.
 
** Name: alias for this web service.
 
** Name: alias for this web service.
 +
** Content replacement: search and replace content in webpages. For example, you can replace hardcoded local web resources to webvpn domain URL.
 
** Target URL: target URL of local network web service, both http and https can be supported. For example:  
 
** Target URL: target URL of local network web service, both http and https can be supported. For example:  
 
<code>
 
<code>

Revision as of 22:43, 4 December 2021

Contents

1 WebVPN

WebVPN offers clientless VPN access to an organization's internal websites and web applications through a browser, without any need of additional client software.

2 Settings

  • WebVPN: whether to enable WebVPN service.
  • Debug: whether to enable debug log. When enabled, you can click "Check Log" to check error log.
  • Domain: The WebVPN system shall be accessed via a domain name. For example: wfilterngf.com( no "www." required.). Dynamic domains are also supported. Please note: you need to apply the domain from a domain registration provider.
  • Protocol: HTTP or HTTPS access to the WebVPN service.
  • Port: Port of the WebVPN system. Please do not conflict with other service ports. Please note that 80 and 443 ports are occupied by the WebUI system. If you want to run WebVPN on these two ports, you might setup "port forwarding" to forward 80/443 port to the WebVPN service.

Webvpn001.png

  • Edit Login

Edit the login page when visiting the WebVPN system.

Webvpn002.png

3 Authentication

  • Timeout: the maximum session timeout when browser is not closed. A session always timeout immediately if browser is closed.
  • User & Pass Auth: authenticate by username and password, supported authtype:
    • "Local Auth": authenticate with username and password of local accounts. Only "local users" with "VPN" priviledge have VPN access.
    • "Email Auth": send credentials to a pop/imap email server for authentication.
    • "Ldap Auth": send credentials to a ldap server for authentication.
    • "Radius Auth": send credentials to a remote radius server for authentication.
  • Third Party Auth: authenticate via a third party service: dingtalk, business wechat.

Webvpn001 2.png


4 SSL Certificate

For https access, you can upload your website SSL certificate files in "Certificate" settings.

Webvpn certificate.png

5 Contents Settings

List of available internal web services. Please note: only web services are available.

Webvpn004.png

  • Content Settings
    • Domain: subdomain for this internal web service.
    • Name: alias for this web service.
    • Content replacement: search and replace content in webpages. For example, you can replace hardcoded local web resources to webvpn domain URL.
    • Target URL: target URL of local network web service, both http and https can be supported. For example:

http://192.168.10.100

https://192.168.10.200:8443

Webvpn005.png

  • Edit Portal

Edit the portal page which will be displayed upon successful login.

Webvpn003.png

6 External Links

Personal tools
Namespaces

Variants
Actions
Navigation
Tools