User Portal: HTML5 VPN Portal

The HTML5 VPN Portal feature allows users from external sources to access internal resources via pre-configured connection types, using only a browser as a client.

Important Note – The HTML5 VPN Portal tab is only available for users for whom an administrator created VPN connections and added them to the allowed users. With Safari browser on Mac OSX or iOS, users have to import the CA certificate of Sophos UTM first before they can use clientless access. The CA certificate can be downloaded from Sophos UTM under Remote Access > Certificate Management > Certificate Authority.

Note – Users' browser has to be HTML5-compliant. The following browsers support the HTML5 VPN feature: Firefox 6.0 onwards, Internet Explorer 10 onwards, Chrome, Safari 5 onwards (on MAC only).

On the HTML5 VPN Portal tab the allowed connections are listed. The icons give a hint about the type of connection.

To use a connection, users need to proceed as follows:

  1. Clicking the respective Connect button.

    A new browser window opens. Contents and layout depend on the connection type, e.g., it contains a website if the user opened a HTTP or HTTPS connection, whereas it contains a command-line interface for SSH connections.

    Note – When using an Android device connecting to SSH, the keyboard may not work. In this case, users have to replace the Samsung keyboard by the original Google keyboard. This can be downloaded for free from the Play Store.

  2. Working in the new VPN window.

    For some tasks, the VPN window provides a connection-type-specific menu bar which fades in when the cursor is moved to the window top:

    • Using function keys or key combinations: If users want to use special commands like function keys or CTRL-ALT-DEL, they need to select the respective entry in the Keyboard menu.
    • Copy & paste from the local host into the VPN window: On the local machine, users need to copy the respective text into the clipboard. In the connection window, they need to select the Clipboard menu. With CTRL-V, they paste the text into the text box. After that they need to click the Send to Server button: With SSH or Telnet connections, the text will then be directly pasted at the cursor position. With RDP or VNC connections, the text will be sent to the clipboard of the server and can then be pasted as usual.

      Note – Copy & paste does not work with Webapp connections.

    • Copy & paste from the VPN window into another window: With SSH and Telnet connections, users can just copy and paste text like they would in local windows. With RDP or VNC connections, in the VPN window, users need to copy the respective text to their clipboard. Then they select the Clipboard menu. The copied text is displayed in the text box. Users need to mark the text and press CTRL-C. Now it is in the local clipboard and can be pasted as usual.
    • Changing keyboard layout in a Remote Desktop connection: For Remote Desktop connections with a Windows host, users can change the keyboard language settings of the VPN window. Especially for the Windows login the selected language should match the Windows language settings to ensure that users type the password correctly. Users need to select the appropriate language from the Keyboard > Keyboard Layout menu. The selected keyboard layout is saved in a cookie.
    • Go back to the Start page in a Webapp connection: To return to the default page in a Webapp connection, select the Navigation > Home menu.
  3. Closing the connection after having finished their work.

    • To finally terminate the connection, users need to select the Stop Session command from the Connection menu or close the browser window by clicking the X icon in the title bar. They can start a new session using the Connect button again.
    • To disconnect the session, users need to select the Suspend Session command from the Connection menu. The status of the session will be saved for five minutes. When they connect again during this time interval, users can continue the previous session.