Operation: Add SSLVPN Policy / Edit SSLVPN Policy
Description: Adds or edits an SSL VPN policy, which determines the access mode available to remote users.

Sample Configuration
<SSLVPNPolicy>
  <TunnelPolicy>
    <Name>Name</Name>
    <Description>Text</Description>
    <PolicyMembers>
      <Member />
      :
    </PolicyMembers>
    <!--TunnelAccess Enable -->
    <UseAsDefaultGateway>off/on</UseAsDefaultGateway>
    <PermittedNetworkResourcesIPv4>
      <Resource>#PortA</Resource>
      :
    </PermittedNetworkResourcesIPv4>
    <PermittedNetworkResourcesIPv6>
      <Resource>#PortA</Resource>
      :
    </PermittedNetworkResourcesIPv6>
    <DisconnectIdleClients>on/off</DisconnectIdleClients>
    <OverrideGlobalTimeout>Number</OverrideGlobalTimeout>
  </TunnelPolicy>
  <ClientlessPolicy>
    <Name>Name</Name>
    <Description>Text</Description>
    <PolicyMembers>
      <Member />
      :
    </PolicyMembers>
    <RestrictWebApplications>Enable/Disable</RestrictWebApplications>
    <WebAccessibleResources>
      <BookmarkGroups>mailsitesbookmarkgroup</BookmarkGroups>
      <Bookmarks>bkyahoo</Bookmarks>
      :
    </WebAccessibleResources>
  </ClientlessPolicy>
</SSLVPNPolicy>



Parameter Mandatory Default Description
Name   Yes
Specify a name for SSL VPN Policy.
Name confines to:
  • Type is 'SCALAR'.
  • Datatype is 'STRING'.
  • Character not allowed: Comma (,)
  • UTF-8 character(s) are allowed.
Web Access   Yes
Enable Web Access mode for remote users.
Web Access confines to:
  • Type is 'SCALAR'.
  • Only '1', '6' are allowed.
Description   No
Specify SSL VPN Policy description.
Description confines to:
  • Type is 'SCALAR'.
  • Datatype is 'STRING'.
UseAsDefaultGateway   No   SplitTunnel
Select tunnel type for routing user's traffic from the available options: Split Tunnel or Full Tunnel.
UseAsDefaultGateway confines to:
  • Type is 'SCALAR'.
  • Only 'Off', 'On' are allowed.
Resource   No
Host/Network that remote user can access.
Resource confines to:
  • Type is 'ARRAY'.
  • Datatype is 'STRING'.
  • Character not allowed: Comma (,)
  • Multiple values are allowed.
  • Duplicate values will be ignored.
PermittedNetworkResourcesIPv6   No
Host/Network that remote user can access.
PermittedNetworkResourcesIPv6 confines to:
  • Type is 'ARRAY'.
  • Datatype is 'STRING'.
  • Character not allowed: Comma (,)
  • UTF-8 character(s) are allowed.
  • Multiple values are allowed.
  • Duplicate values will be ignored.
DisconnectIdleClients   No   UseGlobalSettings
Select whether to use Global Settings or Override Global Settings.
DisconnectIdleClients confines to:
  • Type is 'SCALAR'.
  • Only 'Off', 'On' are allowed.
OverrideGlobalTimeout   No
If the Override Global Settings option is selected, specify the idle timeout in minutes.
OverrideGlobalTimeout confines to:
  • Type is 'SCALAR'.
  • Datatype is 'INTEGER'.
  • Range 15 to 360 is allowed.
RestrictWebApplications   No
Enable access to Custom URLs for Web Access Mode.
RestrictWebApplications confines to:
  • Type is 'SCALAR'.
  • Only 'Disable', 'Enable' are allowed.
WebAccessibleResources   No
Bookmarks/Bookmark Groups the remote user can access in Web Access mode.
WebAccessibleResources confines to:
  • Type is 'ARRAY'.
  • Datatype is 'STRING'.
  • Character not allowed: Comma (,)
  • Multiple values are allowed.
  • Duplicate values will be ignored.
Member   No
Enable Web Access mode for remote users.
Member confines to:
  • Type is 'SCALAR'.
  • Datatype is 'STRING'.
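
A pre-flight check of a policy document against the constraints in the parameter table, run before the XML is submitted. This is an added example, not code from the product or its documentation; the function name validate_policy, the sample values, and the case-insensitive matching of on/off and Enable/Disable are assumptions.

```python
import xml.etree.ElementTree as ET

# Constructed sample (not from the page): comma in Name, timeout below range.
SAMPLE = """<SSLVPNPolicy>
  <TunnelPolicy>
    <Name>Remote,Staff</Name>
    <UseAsDefaultGateway>off</UseAsDefaultGateway>
    <PermittedNetworkResourcesIPv4><Resource>LAN_Servers</Resource></PermittedNetworkResourcesIPv4>
    <DisconnectIdleClients>on</DisconnectIdleClients>
    <OverrideGlobalTimeout>5</OverrideGlobalTimeout>
  </TunnelPolicy>
</SSLVPNPolicy>"""

# Allowed values from the parameter table. Matching is case-insensitive (assumption:
# the sample XML shows 'off/on' while the table lists 'Off', 'On').
ENUMS = {
    "UseAsDefaultGateway": {"on", "off"},
    "DisconnectIdleClients": {"on", "off"},
    "RestrictWebApplications": {"enable", "disable"},
}
# Array elements whose values must not contain a comma (children shown in the sample).
NO_COMMA_LISTS = ("Resource", "BookmarkGroups", "Bookmarks")

def validate_policy(xml_text):
    """Return documented-constraint violations found in an SSLVPNPolicy document."""
    problems = []
    root = ET.fromstring(xml_text)
    for policy in root.findall("TunnelPolicy") + root.findall("ClientlessPolicy"):
        name = (policy.findtext("Name") or "").strip()
        label = f"{policy.tag}[{name or '?'}]"
        if not name:
            problems.append(f"{label}: Name is mandatory")
        elif "," in name:
            problems.append(f"{label}: Name must not contain a comma")
        for tag, allowed in ENUMS.items():
            value = policy.findtext(tag)
            if value is not None and value.strip().lower() not in allowed:
                problems.append(f"{label}: {tag}={value!r} not in {sorted(allowed)}")
        timeout = policy.findtext("OverrideGlobalTimeout")
        if timeout is not None:
            t = timeout.strip()
            if not t.isdecimal() or not 15 <= int(t) <= 360:
                problems.append(f"{label}: OverrideGlobalTimeout={timeout!r} outside 15-360")
        for tag in NO_COMMA_LISTS:
            for item in policy.iter(tag):
                if "," in (item.text or ""):
                    problems.append(f"{label}: {tag} value {item.text!r} contains a comma")
    return problems
```

Calling validate_policy(SAMPLE) reports the comma in Name and the out-of-range idle timeout; an empty list means the document passed every check implemented here.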



Operation   Status   Message
Add SSLVPN Policy   200
Add SSLVPN Policy   500
Add SSLVPN Policy   502
Edit SSLVPN Policy   200
Edit SSLVPN Policy   500
Edit SSLVPN Policy   502


© Copyright 2019 Sophos Firewall Limited. All rights reserved.