ssl vpn

Yesterday I got a chance to take a look at a SSL VPN. The endpoint can download an ActiveX contorl from a secure web site after logon it. This ActiveX control will create a virtual adaptor, assign a user a virtual private IP. The traffic to the intranet will be intercepted and forward to this virtual adaptor (by chaning routing table?), and then a SSL tunnel is used to establish connections to the web servers.

The main advanatages of the SSL VPN are:

• Do not have to install VPN client. You only need a browser
• Provides granularity for access control.
• Use port 443 opened by most firewalls.