Create an SSL profile

This topic shows how you enable SSL remote access, configure basic settings and access control.

  1. Go to Remote Access > SSL > Profiles.

  2. Click New Remote Access Profile.

  3. Enter a name.

  4. Make the following settings:

    Select authorized users and assign access conditions.

    Users and groups: Select the users and user groups who should be able to use SSL remote access (in this example: gforeman).

    Local networks: Select the local networks that should be accessible to SSL clients (in this example: Internal (Network)).

    Note: If you want that SSL-connected users are allowed to access the internet, you must select Any in Local networks. Additionally, you must define appropriate Masquerading or NAT rules.

    Automatic firewall rules: Select to automatically create firewall rules for the SSL VPN tunnel traffic. These rules exist only for the lifetime of the tunnel. If you don’t select this option, you must define the firewall rules manually (see below).

    Comment (optional): Add a description or other information.

  5. Click Save.

    The profile shows in the list and is active.

Cross Reference: Find more information about remote access in the UTM administration guide under Remote Access.