Install and access SSL VPN agent

Available in VPC

This section explains how to install and access SSL VPN agent and view your access.

Preparations

Preparations before installing and accessing the SSL VPN Agent are as follows:

Before using SSL VPN (installation and access), ensure that the environment allows access to the following URLs: If access is not allowed by a security solution (such as firewall and NAC), there may be restrictions on Agent installation and service use.
- Access to port 443 must be allowed for the SSL VPN access URL.
  - You can check the SSL VPN access URL in the email you received when you created the SSL VPN and in the access URL on the SSL VPN screen
  - You can check the full access URL from the SSL VPN access URL
- Access to port 8443 must be allowed for the SSL VPN authentication URL.
  - You can check the full authentication URL from the SSL VPN authentication URL
SSL VPN requires network access to log in or install the agent.

Install SSL VPN agent

To install SSL VPN agent, follow these steps:

Caution

Do not install SSL VPN agent while another VPN connection is enabled, as this may cause conflicts with your access environments.

1. Download agent

Depending on the operating system in use, you must download the SSL VPN agent file. For more information on how to download agent, see Download SSL VPN.

2. Install agent

To install an agent, follow these steps:

Install on Windows

Unzip the downloaded file from 1. Download agent and run the file with the .exe extension.
When the BIG-IP Edge Client Setup popup window appears, click the [Install] button.
Click the [Finish] button when the installation is completed.

Install on macOS

Unzip the downloaded file from 1. Download agent and run the file with the .pkg extension.
When the Install BIG-IP Edge Client popup window appears, click the [Continue] and [Install] buttons.
Click the [Close] button when the installation is completed.

Access SSL VPN agent

Caution

Your account is automatically disabled in case of 5 or more consecutively failed SSL VPN login attempts. To enable your account, see Enable user.

To access SSL VPN agent, follow these steps:

Access on Windows

Run the BIG-IP Edge Client that you installed in 2. Install agent
When the BIG-IP Edge Client popup window appears, click the [Change server] button.
In Select a server, enter the SSL VPN access path and click the [Next] button.
- For more information on the SSL VPN access path, see the email you received when you created the SSL VPN and the access URL on the SSL VPN screen.
When the BIG-IP Edge Client popup window appears, click the [Connection] button.
- Click the [View details] button to view the details of the access path.
In the login popup window, enter your VPN login information and click the [Logon] button.
If you have set up a two-factor authentication method, enter the OTP authentication number when the authentication number enter screen appears, and then click the [Logon] button.
- The OTP authentication number will be sent to you through Email/SMS.
- Upon successful authentication, the access is completed.

Caution

If the SSL VPN access URL is not added to the trusted site, the security warning popup window appears.
[Add this site to your trusted sites to always allow this site.] If you select it, the site is automatically added to the trusted sites, and the popup window does not appear after then.
[Do not inspect and connect this site.] If you select it, you cannot connect to SSL VPN.

Note

You can view the traffic usage by clicking the [View graph] button.
Click the [View details] button to view the details of the access path.

Access on macOS

Run the BIG-IP Edge Client that you installed in 2. Install agent
Click on the menu bar and select the [Manage VPN Server...] menu.
Click the [+] button, then enter the SSL VPN access path in Server Name and Server Address, and click the [Create] button.
- For more information on the SSL VPN access path, see the email you received when you created the SSL VPN and the access URL on the SSL VPN screen.
Click in the menu bar to check if the correct SSL VPN access path is selected, then select the [Turn on VPN] menu.
- Click the [View more] button to see the details of the connection path.
In the login popup window, enter your VPN login information and click the [Login] button.
If you have set up a two-factor authentication method, enter the OTP authentication number when the authentication number enter screen appears, and then click the [Login] button.
- The OTP authentication number will be sent to you through Email/SMS.
- Upon successful authentication, the access is completed.

Caution

If the F5 Endpoint Inspector application program is not installed, the error message End Point Inspection Helper App Alert appears. Click Download to install the application program and access SSL VPN. If you do not install the program, you cannot connect to SSL VPN.

SSL VPN access URL

The full SSL VPN access URL is as follows:

Korea
- sslvpn-kr-vpc-01.ncloud.com
- sslvpn-kr-vpc-02.ncloud.com
- sslvpn-kr-vpc-03.ncloud.com
Singapore
- sslvpn-sg-vpc-01.ncloud.com
Japan
- sslvpn-jp-vpc-01.ncloud.com

SSL VPN authentication URL

The full SSL VPN authentication URL is as follows:

Korea
- auth-sslvpn-kr-vpc.ncloud.com
Singapore
- auth-sslvpn-sg-vpc.ncloud.com
Japan
- auth-sslvpn-jp-vpc.ncloud.com

Check SSL VPN agent access

To check SSL VPN agent access, follow these steps:

Run the console window.
- Windows: press the key and [R] at the same time, enter cmd in the Run window, and then click the [OK] button.
- macOS: run the Terminal app.
Enter the following command to check the current user's IP information.
- Windows: ipconfig
- macOS: ifconfig
If you have an IP that is included in the IP pool assigned when creating the SSL VPN, you are successfully connected.

Note

If you have set rules for the SSL VPN IP pool on ACG, then you can verify communication with the VM using commands, such as ping and ssh. For more information on how to use the it, see Set ACG.