Accessing an Internal HTTP Site

[Gabriel2010]

Dear All,Hello

I've been looking into SSL VPN appliances & products such as those from e-Gap and Aventail. It seems just about every SSL VPN requires an Active X and/or a Java client to be able to run in the remote-user.

Considering a lot of companies block or do not allow Active x and JVM, it's sort kills the purpose of using it the 1st place. I have some info, however, has anyone been able to deploy one of these firewalls or SSL appliances to access an internal, plain HTTP site/Intranet?

We just want to be able to access this internal site w/o the need of installing additional client software on the end-user side.
I haven't worked on Check Point firewalls in a while, I do recall they had an "HTTP server" functionality. Was able to set up the SMTP server side (store & forward at the CP firewall) but never tried the HTTP server feature. As I recall, it would allow access to an internal web site using something like, https:/

http://wwww.cpfirewall131313131.com/intranet

websiteetc

Any information is gladly welcome.

Gabriel


Glad to be here!

 

[lancelote]

You can just autorize any user to go to your web server via a security rules plus a nat rules that allow you to access web server.
Otherwise you have the fonctionnality of the Authority server that allow you to identifie user and allow them to access to a web server inside the VPN domain.

regards


LaNceLoT

 

[Gabriel2010]

Ok.

Meaning that the HTTP server component has to be set up?
Or is this done using the public IP of the server (

httpS://public.ip.of.firewall/intranetserver/)?

The Intranet web server is not SSL enabled.

The idea is not to use any IPSEC protocols/ports, just a plain SSL connection, preferably a link (HTTPS) at the browser where user can login to access intranet.

Also, making the intranet SSL-enabled is out of the question due to the confidential data.

Thanks!

Gabriel



Glad to be here!

 

[Gabriel2010]

ok

Glad to be here!