Skip to content

Clientless SSL VPN

You can allow users to access services and areas, such as network hardware, endpoint devices, and file sharing, using a browser.

To gain access to clientless SSL VPN, users don't need to install VPN clients. Use clientless SSL VPN policies to provide restricted access to resources and services rather than allow access to entire systems or networks.


You must create bookmarks for the services you want to allow. You can then configure clientless access policies specifying the users (policy members) and the bookmarks.

You can specify the IP address of the endpoint to which you want to allow access, the connection type, and the security settings.

Members of a clientless SSL VPN policy can access bookmarks in the VPN portal by going to VPN > Clientless access connections. Clicking a bookmark opens a secure connection to the selected resource in a new window.


To allow access to clientless SSL VPN for remote users, go to Administration > Device access and allow WAN access to the VPN portal.

Assign bookmarks to clientless SSL VPN policies to give users access to your internal networks or services. For example, you can allow access to file sharing or allow remote desktop access.


Bookmarks don't support dynamic URLs.

Bookmark groups

Bookmark groups allow you to combine bookmarks for easy reference.

For example, you can create a group with all the bookmarks for remote desktops rather than add these individually to a clientless SSL VPN policy.

More information