Solved: Re: Can the SSL VPN client download page redirect ...

rijkrkk43 · ‎04-13-2019

When SSL VPN-Plus is configured and enabled, I can access it via https://edge-ip-address - which automatically redirects to https://edge-ip-address/sslvpn-plus/doaction.svp?type=login

However, if I type http://edge-ip-address (http, not https) I can't get to the page. Is there a way to redirect http://edge-ip-address to https://edge-ip-address

I tried using the load balancer and setting an application profile with the redirect, as well as an application rule - to no avail. I used the instructions from this thread: https://communities.vmware.com/thread/551463

chrisgnoon · ‎04-19-2019

What version of NSX are you using?

When creating the SSL VPN, isn't there an FW rule created on the ESG under VSE or user? Can you place a rule above it and block HTTP to the public IP address. Or does it NEED to be a redirect?

Chris Noon | CCDP | CCNP | VCDX 289
Don't forget to mark as solved if your questions are answered.

View solution in original post

chrisgnoon · ‎04-19-2019

What version of NSX are you using?

When creating the SSL VPN, isn't there an FW rule created on the ESG under VSE or user? Can you place a rule above it and block HTTP to the public IP address. Or does it NEED to be a redirect?

Chris Noon | CCDP | CCNP | VCDX 289
Don't forget to mark as solved if your questions are answered.

rijkrkk43 · ‎04-20-2019

Version is 6.3.5

A firewall rule is automatically created to allow 443.

The requirement was to have users redirected to https regardless if they typed that in, however I suppose that would mean adding a rule for port 80. Thank you.

chrisgnoon · ‎04-21-2019

I think you are on the right track.

Try adding the HTTP(TCP\80) rule and check if the redirection works.

Don't forget to mark the answer as correct if you fix your issue.

Chris Noon | CCDP | CCNP | VCDX 289
Don't forget to mark as solved if your questions are answered.

All

Can the SSL VPN client download page redirect from http to https?