Blocking External Access to the Administration Portal
38 Firebox SSL VPN Gateway
5 In a Web browser, type the address of the Firebox SSL VPN Gateway using either the IP address or
fully qualified domain name (FQDN) to connect to either the internal or external interface. The
format should be either https://ipaddress or https://FQDN.
6 Type the logon credentials. The WatchGuard Firebox SSL VPN Gateway portal page appears.
7Click My own computer and then click Connect.
The Secure Access Client connection icon appears in the notification area, indicating a successful connection.
The initial configuration is complete. After completing the initial configuration, you can configure acces-
sible networks so you can connect to all of your network resources, such as email, Web servers, and file
shares as if you are in the office. To test your configuration, try connecting to the applications and
resources that are available from the corporate network.
Blocking External Access to the Administration Portal
By default, if the Firebox SSL VPN Gateway is configured to use both network adapters, the external
adapter can be used to access the Administration Portal from outside the firewall. To block access to the
Administration Portal from the external adapter, clear the check box for this option.
To block external access to the Administration Portal
1Click the VPN Gateway Cluster tab.
2On the Administration tab, clear the check box for Enable External Administration.
3Click Apply Change.
Using Portal Pages
The Firebox SSL VPN Gateway provides logon access using five portal pages. The portal page users see
depends on the configuration of the Firebox SSL VPN Gateway. These include:
• Using the default portal page that provides full Secure Access Client and kiosk mode options. The
default portal page is the only one that can be customized with your company name and logo.
• Redirecting the user to the Web Interface logon page.
• Providing a portal page that allows users the choice of logging on using Secure Access Client, the
Web Interface, or kiosk mode.
• Pre-authentication Web page that appears when a pre-authentication policy is configured on the
Firebox SSL VPN Gateway.
• Redirection to a Web page when double-source authentication is configured on the Firebox SSL
VPN Gateway and the user logs on using Web access.
Using the Default Portal Page
Note
You can also include links to the Secure Access Client and kiosk mode on your Web site, as described in
“Linking to Clients from Your Web Site” on page 41.