SSL VPN
Armor offers one free SSL VPN user per account.
To fully use this screen, you must have the following permissions assigned to your account:
Write SSL VPN Devices and Users
Read SSL VPN Devices and Users
Read Virtual Data Centers
Cisco AnyConnect VPN
Enable Your SSL VPN Access
To enroll in Cisco AnyConnect, please contact Armor Support via ticket or live chat at amp.armor.com or via phone (US: +1) 877 262 3473 or (UK: +44) 800 500 3167. We are here to help.
If you have created a virtual machine, then you must enable and install your SSL VPN client.
If you run Linux, then please Install SSL VPN for Linux.
For MacOS, update to MacOS (64-bit, compatible with 10.1.x and above).
In the Armor Management Portal (AMP), in the left-side navigation, click Infrastructure.
Click SSL VPN.
Click Members.
Click the plus ( + ) icon.
In the field, enter and select the name of the user, or their email address.
Mark the desired data center or data centers that the user can connect to.
Click Submit.
The newly added user will appear in the table; the table is organized in alphabetical order, based on the first name of the user.
Log into the client.
Your SSL VPN login credentials are the same credentials you use to access the Armor Management Portal (AMP).
Disable SSL VPN for your user
To disable SSL VPN for a user, you must have the following permissions assigned to your account:
Write SSL VPN Devices and Users
Read SSL VPN Devices and Users
Read Virtual Data Centers
In the Armor Management Portal (AMP), in the left-side navigation, click Infrastructure.
Click SSL VPN.
Click Members.
In the top bar, select the desired data center.
Locate and hover over the desired user.
Click the trash icon that appears.
Click Remove Access.
Armor offers one free SSL VPN user per account.
To fully use this screen, you must have the following permissions assigned to your account:
Write SSL VPN Devices and Users
Read SSL VPN Devices and Users
Read Virtual Data Centers
Download and install the Cisco AnyConnect SSL VPN client
To enroll in Cisco AnyConnect, please contact Armor Support via ticket or live chat at amp.armor.com? or via phone (US: +00) 1 877 262 3473 or (UK: +44) 800 500 3167. We are here to help.
The Cisco AnyConnect Client is used to create a secure connection from your local computer to your Secure Cloud Servers within Armor's environment.
Download the client. Select the link that corresponds to your operating system:
Windows
macOS
Linux
Once the file has downloaded, run the installer, and then follow the on-screen prompt.
If you have any issues downloading or installing the AnyConnect client, please contact Armor Support through the Armor Ticketing System.
Connect to Cisco AnyConnect SSL VPN client
In your local machine, open the Cisco AnyConnect Client.
Verify and select the correct hostname:
Data Center Web Address Dallas vpn-1.armor.com/okta Chicago vpn-6.armor.com/okta London vpn-3.armor.com/okta Frankfurt vpn-16.armor.com/okta Enter your VPN credentials.
Click Connect.
You will be connected via multi-factor authentication (MFA). Answer the phone call from Armor, and then follow the instructions.
Troubleshooting
Troubleshooting SSL VPN
Billing
If you are concerned about your billing statement for SSL VPN devices (members), consider that:
You may have members in other data centers. In the top menu, there is a drop-down menu that you can use to switch across different data center views. As a result, when you switch to a different data center view, you may see additional members.
If you have the same SSL VPN member in multiple data centers, you will only be billed for the one member. For example, if you have one member in DFW01 and the same member in LHR01, then you will only be billed for one member; however, if you have multiple members in a single data center location, then you will be charged for those additional members.
In short, you will be billed for every unique member, regardless of how many data centers are included.
Archived Search
Log Search for VMWare SSL VPN
Please see the Log Search documentation for more information.
Field | Filter by |
---|---|
nsx_edge.sslvpn.action | This indicates the action taken. Those listed below are the only ones of interest.
|
nsx_edge.sslvpn.log_level | This the log level from the Edge Gateway |
nsx_edge.sslvpn.local_ip | The IP address of the client |
nsx_edge.sslvpn.timestamp | The timestamp of the action |
nsx_edge.sslvpn.username | The username of user taking the action |
nsx_edge.sslvpn.virtual_ip | The IP Address assigned to the user for that session |