Why opening the web login page of the SSL VPN gateway is slow

7

NOTE:
The Windows 7 operating system is used as an example.

The SSL VPN gateway runs on the HTTPS server. The possible causes are as follows:
-The browser has no root certificate of the HTTPS server installed.
-The browser has an incorrect root certificate of the HTTPS server installed.

Solution 1:
1. When you open the web login page of the SSL VPN gateway, the system displays the root certificate.
2. Install the root certificate to the browser.

Choose Install Certificate > Next > Place all certificates in the following store > Browse, select Trusted Root Certification Authorities, and click OK.

Solution 2:
1. Manually obtain the correct root certificate of the HTTPS server. Contact the enterprise network administrator.
2. Save the root certificate to the local device.
3. Install the root certificate to the browser.

Choose Install Certificate > Next > Place all certificates in the following store > Browse, select Trusted Root Certification Authorities, and click OK.

Other related questions:
When the AR router is used as the web server, the web platform page is displayed slowly
The possible causes and solutions are as follows: 1. A problem occurs on the local PC. Solution: Clear historical records and cache data on the local PC; upgrade the browser to the latest version or change the browser; upgrade flash player plug-in. 2. System software problem. Solution: Upgrade the router software. 3. The web access mode is incorrect. Solution: Change the web access mode to HTTPS.

Why is a user still displayed online on the SSL VPN gateway after the user closes the SSL VPN gateway page on a client
The user may only close the current tab or the browser without clicking Logout. After the previous operation, the user account is still displayed as an online user on the SSL VPN gateway. Wait a period of time and you can see that the user account is deleted from the user list. This waiting period is the session timeout time.

SSL VPN virtual gateway on the USG
Configure SSL parameters. Configure the SSL version supported by the USG, encryption suite, session timeout duration, and life cycle. You can retain the default values. Procedure: system-view v-gateway v-gateway-name //Access the virtual gateway view. basic, //Access the basic virtual gateway view. ssl version { sslv30+tlsv10 | tlsv10 } //Configure the SSL version supported by the USG. By default, the USG supports SSL3.9 and TLS1.0. ssl ciphersuit { allciphersuit | custom { aes256-sha | non-aes256-sha } { des-cbc3-sha | non-des-cbc3-sha } { rc4-sha | non-rc4-sha } { rc4-md5 | non-rc4-md5 } { aes128-sha | non-aes128-sha } { des-cbc-sha | non-des-cbc-sha } } //Configure the SSL encryption suite. ssl timeout time //Configure the SSL session timeout duration. ssl lifecycle { time | no-time-limit } //Configure the SSL life cycle. ssl session-reuse enable //Enable the SSL session reuse function. Follow-up processing display ssl //View SSL configuration.

Configuring an SSL VPN virtual gateway on the firewall
Configuring virtual gateways on the USG 1. system-view 2. v-gateway v-gateway-name { ip-address | interface interface-type interface-number } [ port port-number ] { private [ domain-name ] | public domain-name } //Create a virtual gateway. A private gateway is in exclusive mode, and a public gateway is in shared mode. 3. quit 4. v-gateway v-gateway-name ip address ip-address [ port port-number ] //Assign an IP address and a port number to the virtual gateway. Exclusive virtual gateway: v-gateway v-gateway-name ip address ip-address [ port port-number ] command: If the entered IP address is the existing IP address of the virtual gateway, this command changes the virtual gateway port number. If the entered IP address is not the IP address of the virtual gateway, this command adds the virtual gateway IP address. The undo v-gateway v-gateway-name ip address ip-address command deletes the IP address of the virtual gateway. The v-gateway v-gateway-name ip address old-ip-address new-ip-address [ port port-number ] command changes the IP address of the virtual gateway. Shared virtual gateway: v-gateway v-gateway-name ip address ip-address [ port port-number ] command: If the entered IP address is the existing IP address of the virtual gateway, this command changes the virtual gateway port number. If the entered IP address is not the IP address of the virtual gateway, this command changes the virtual gateway IP address. You cannot run the undo v-gateway ip address command to delete the IP address of the virtual gateway. The v-gateway v-gateway-name ip address old-ip-address new-ip-address [ port port-number ] command changes the IP address of the virtual gateway. If a port bound to the IP address of the virtual gateway is used for other purposes (such as web management or SSH login), the port cannot be configured as the port of the virtual gateway. 5. v-gateway v-gateway-name interface interface-type interface-number [ port port-number ] //Modify the virtual gateway interface. 6. v-gateway v-gateway-name domain domain-name //Modify the virtual gateway domain name. 7. v-gateway v-gateway-name http-redirect enable //Configure the HTTP redirection function of the virtual gateway. 8. v-gateway v-gateway-name max-user max-user //Modify the maximum number of virtual gateway users. Its default value is 1. 9. v-gateway v-gateway-name cur-max-user cur-max-user //Modify the maximum number of concurrent users of the virtual gateway. 10. v-gateway v-gateway-name max-resource max-resource //Modify the maximum number of resources on the virtual gateway. Its default value is 1.

Why does a user automatically log out a while after logging in to the SSL VPN gateway through the web UI
The default session timeout time of the SSL VPN gateway is 5 minutes. If a user does not perform any operations within 5 minutes, the user automatically logs out. You can take the following steps to change the session timeout time: 1.Choose Network > SSL VPN > SSL VPN. 2.Click the Gateway Configuration tab. 3.In Session Timeout, enter a value you want to set. The session timeout time, also called the aging time, is the time when a user connection is terminated because no traffic is transmitted. After the timeout time elapses, the server and client must re-authenticate each other, and the user must re-log in. NOTICE: To allow users to use the same user account but different IP addresses to log in to the SSL VPN gateway, use the default value of Session Timeout (5 minutes).

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top