Skip to content
The XG Series hardware appliances will reach end-of-life (EOL) on March 31, 2025. Click here to see the XG to XGS migration documentation.

Remote access to endpoints

Add a bookmark to remotely access the following endpoints and servers:

  • Windows endpoints using Remote Desktop Protocol (RDP)
  • Linux and UNIX endpoints using Virtual Network Computing (VNC)

Add RDP or VNC bookmarks

  1. Go to Remote access VPN > Clientless SSL VPN policy.
  2. Under Bookmarks, click Add.
  3. Enter a name.
  4. Under Type, select one of the following options:

    • RDP: Allows remote access to Windows endpoints and servers
    • VNC: Allows remote access to Linux and UNIX endpoints and servers
  1. Under URL, enter the destination endpoint's IP address or hostname.
  2. Optional: Enter the service port configured on the destination endpoint if it differs from the default value.
  3. Optional: Turn on Automatic login and enter the destination endpoint's username and password if you want the firewall to automatically establish sessions with these credentials.

    If you turn it off, users must enter the endpoint's sign-in credentials.

  4. Optional: Enter the Windows network domain to which the user account and the endpoint belong.

    Here's an example of the format: test or test.example or

  5. Select the Protocol security from the following options:

    • TLS: Establishes TLS-encrypted sessions.
    • NLA: Network Level Authentication requires user authentication to establish an encrypted session. NLA turns on Automatic login, and you must enter a username and password.
    • RDP: Establishes sessions using RDP protocol's security.


    We recommend establishing TLS or NLA-protected sessions.

  6. Optional: Turn on Share session to share the session with other users, for example, for collaborative sessions.

  7. Click Save.
  1. Under URL, enter the destination endpoint's IP address or hostname.
  2. Optional: Enter the service port configured on the destination endpoint if it differs from the default value.
  3. Optional: Turn on Automatic login and enter the destination endpoint's password if you want the firewall to automatically establish sessions with this password.

    If you turn it off, users must enter the endpoint's password.

  4. Optional: Turn on Share session to share the session with other users, for example, for collaborative sessions.

  5. Click Save.

Add to clientless SSL VPN policy

Add the bookmark to a clientless SSL VPN policy. See Add a clientless SSL VPN policy.

Endpoint and server connection options

Users can access the bookmarks through the user portal. To establish the connection, they must click the bookmark. See Clientless access connections.

To see the options after establishing the connection, users must do as follows:

  1. Hover over the top of the remote server's screen.

    RDP and VNC options.

  2. Click Connection and click one of the following options:

    • Stop session: Stops the session for all shared users.
    • Suspend session: Pauses the session only for the user who suspends the session. The session resumes when the user next clicks Connect in the user portal.

      The session isn't paused for shared users.

  3. Click Keyboard and choose a keyboard shortcut or change the language.


    To apply a language other than English listed under Keyboard, make sure the server's language is set to US English.

More resources