Filter
Top Products
Chapter 18 SSL VPN
ZyWALL (ZLD) CLI Reference Guide
152
The following sections list the SSL VPN commands.
18.2.1 SSL VPN Commands
This table lists the commands for SSL VPN. You must use the configure terminal command to
enter the configuration mode before you can use these commands.
user_name The name of a user (group). You may use 1-31 alphanumeric characters,
underscores(
_), or dashes (-), but the first character cannot be a number. This value
is case-sensitive.
eps_profile_name The name of an endpoint security object.
Table 77 Input Values for SSL VPN Commands (continued)
LABEL DESCRIPTION
Table 78 SSL VPN Commands
COMMAND DESCRIPTION
show sslvpn policy [profile_name] Displays the settings of the specified SSL VPN access policy.
show ssl-vpn network-extension local-ip Displays the IP address that the ZyWALL uses in setting up the SSL VPN.
show sslvpn monitor Displays a list of the users who are currently logged into the VPN SSL client
portal.
sslvpn network-extension local-ip ip Sets the IP address that the ZyWALL uses in setting up the SSL VPN.
sslvpn policy {profile_name |
profile_name append | profile_name
insert <1..16>}
Enters the SSL VPN sub-command mode to add or edit an SSL VPN access
policy.
[no] activate Turns the SSL VPN access policy on or off.
[no] application
application_object
Adds the SSL application object to the SSL VPN access policy.
[no] cache-clean activate Cleans the cookie, history, and temporary Internet files in the user’s
browser’s cache when the user logs out. The ZyWALL returns them to the
values present before the user logged in. The no command disables this
setting.
[no] description description Adds information about the SSL VPN access policy. Use up to 60 characters
(“0-9”, “a-z”, “A-Z”, “-” and “_”).
[no] eps <1..8> eps_profile_name Sets endpoint security objects to be used for the SSL VPN access policy.
The ZyWALL checks authenticated users’ computers against the policy’s
selected endpoint security objects in the order from 1 to 8 you specified.
When a user’s computer meets an endpoint security object’s requirements
the ZyWALL grants access and stops checking.
To make the endpoint security check as efficient as possible, arrange the
endpoint security objects in order with the one that the most users should
match first and the one that the least users should match last.
[no] eps activate Sets to have the ZyWALL check that users’ computers meet the Operating
System (OS) and security requirements of one of the SSL access policy’s
selected endpoint security objects before granting access. The no
command disables this setting.
eps insert <1..8> eps_profile_name Inserts the specified endpoint security object to the specified position for
the endpoint security objects checking order.
eps move <1..8> to <1..8> Moves the first specified endpoint security object to the second specified
endpoint security object’s position.
[no] eps periodical-check activate Sets whether to have the ZyWALL repeat the endpoint security check at a
regular interval configured using the next command. The no command
disables this setting.